diff options
| author | Martin Hanzel <mhanzel@gitlab.com> | 2019-07-25 12:30:13 +0200 |
|---|---|---|
| committer | Martin Hanzel <mhanzel@gitlab.com> | 2019-07-25 12:30:13 +0200 |
| commit | 979f0842653fa6b48a88cb6286a2145654d8e197 (patch) | |
| tree | d00bb73e74a801dcbc46547fcce32c4cffafe9ba | |
| parent | 0b8b0c718bef1e782b151072f2e4decf723d02c7 (diff) | |
| download | gitlab-ce-979f0842653fa6b48a88cb6286a2145654d8e197.tar.gz | |
Add rel noopener, noreferrer to links
| -rw-r--r-- | app/assets/javascripts/vue_shared/components/markdown/toolbar.vue | 4 | ||||
| -rw-r--r-- | app/views/shared/notes/_hints.html.haml | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue b/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue index 737aecc9d4d..21c44b59520 100644 --- a/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue +++ b/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue @@ -24,8 +24,8 @@ export default { }, computed: { toolbarHelpHtml() { - const mdLinkStart = `<a href="${this.markdownDocsPath}" target="_blank" tabindex="-1">`; - const actionsLinkStart = `<a href="${this.quickActionsDocsPath}" target="_blank" tabindex="-1">`; + const mdLinkStart = `<a href="${this.markdownDocsPath}" target="_blank" rel="noopener noreferrer" tabindex="-1">`; + const actionsLinkStart = `<a href="${this.quickActionsDocsPath}" target="_blank" rel="noopener noreferrer" tabindex="-1">`; const linkEnd = '</a>'; if (this.markdownDocsPath && !this.quickActionsDocsPath) { diff --git a/app/views/shared/notes/_hints.html.haml b/app/views/shared/notes/_hints.html.haml index b2650533414..72ede50dd8c 100644 --- a/app/views/shared/notes/_hints.html.haml +++ b/app/views/shared/notes/_hints.html.haml @@ -1,8 +1,8 @@ - supports_quick_actions = local_assigns.fetch(:supports_quick_actions, false) .comment-toolbar.clearfix .toolbar-text - - md_link_start = '<a href="%{url}" target="_blank" tabindex="-1">'.html_safe % { url: help_page_path('user/markdown') } - - actions_link_start = '<a href="%{url}" target="_blank" tabindex="-1">'.html_safe % { url: help_page_path('user/project/quick_actions') } + - md_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer" tabindex="-1">'.html_safe % { url: help_page_path('user/markdown') } + - actions_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer" tabindex="-1">'.html_safe % { url: help_page_path('user/project/quick_actions') } - link_end = '</a>'.html_safe - if supports_quick_actions = s_('Editor|%{mdLinkStart}Markdown%{mdLinkEnd} and %{actionsLinkStart}quick actions%{actionsLinkEnd} are supported').html_safe % { mdLinkStart: md_link_start, mdLinkEnd: link_end, actionsLinkStart: actions_link_start, actionsLinkEnd: link_end } |