diff options
| author | Robert Speicher <robert@gitlab.com> | 2016-04-21 20:49:41 +0000 |
|---|---|---|
| committer | Robert Speicher <robert@gitlab.com> | 2016-04-21 20:49:41 +0000 |
| commit | 1ea2408ba351646ac60c88136ed8b9acc58c6557 (patch) | |
| tree | 9722a8ad3feddc1bcf653ac12ebdec6cb618b832 | |
| parent | 0ae039d0a1da83d6e9b4cc4ffa20279ed9928a80 (diff) | |
| parent | 72debd840cb76a5fc0929c0caeca179c39378680 (diff) | |
| download | gitlab-ce-1ea2408ba351646ac60c88136ed8b9acc58c6557.tar.gz | |
Merge branch 'dev_issue_15331' into 'master'
Fixes window.opener bug
Adds `noreferrer` value to rel attribute for external links
REF: https://gitlab.com/gitlab-org/gitlab-ce/issues/15331
See merge request !1953
| -rw-r--r-- | lib/banzai/filter/external_link_filter.rb | 5 | ||||
| -rw-r--r-- | spec/features/markdown_spec.rb | 7 | ||||
| -rw-r--r-- | spec/lib/banzai/filter/external_link_filter_spec.rb | 10 |
3 files changed, 17 insertions, 5 deletions
diff --git a/lib/banzai/filter/external_link_filter.rb b/lib/banzai/filter/external_link_filter.rb index d179bea181e..38c4219518e 100644 --- a/lib/banzai/filter/external_link_filter.rb +++ b/lib/banzai/filter/external_link_filter.rb @@ -1,7 +1,6 @@ module Banzai module Filter - # HTML Filter to add a `rel="nofollow"` attribute to external links - # + # HTML Filter to modify the attributes of external links class ExternalLinkFilter < HTML::Pipeline::Filter def call doc.search('a').each do |node| @@ -15,7 +14,7 @@ module Banzai # Skip internal links next if link.start_with?(internal_url) - node.set_attribute('rel', 'nofollow') + node.set_attribute('rel', 'nofollow noreferrer') end doc diff --git a/spec/features/markdown_spec.rb b/spec/features/markdown_spec.rb index 3d0d0e59fd7..0148c87084a 100644 --- a/spec/features/markdown_spec.rb +++ b/spec/features/markdown_spec.rb @@ -165,7 +165,12 @@ describe 'GitLab Markdown', feature: true do describe 'ExternalLinkFilter' do it 'adds nofollow to external link' do link = doc.at_css('a:contains("Google")') - expect(link.attr('rel')).to match 'nofollow' + expect(link.attr('rel')).to include('nofollow') + end + + it 'adds noreferrer to external link' do + link = doc.at_css('a:contains("Google")') + expect(link.attr('rel')).to include('noreferrer') end it 'ignores internal link' do diff --git a/spec/lib/banzai/filter/external_link_filter_spec.rb b/spec/lib/banzai/filter/external_link_filter_spec.rb index e3a8e15330e..f4c5c621bd0 100644 --- a/spec/lib/banzai/filter/external_link_filter_spec.rb +++ b/spec/lib/banzai/filter/external_link_filter_spec.rb @@ -24,6 +24,14 @@ describe Banzai::Filter::ExternalLinkFilter, lib: true do doc = filter(act) expect(doc.at_css('a')).to have_attribute('rel') - expect(doc.at_css('a')['rel']).to eq 'nofollow' + expect(doc.at_css('a')['rel']).to include 'nofollow' + end + + it 'adds rel="noreferrer" to external links' do + act = %q(<a href="https://google.com/">Google</a>) + doc = filter(act) + + expect(doc.at_css('a')).to have_attribute('rel') + expect(doc.at_css('a')['rel']).to include 'noreferrer' end end |