diff options
| author | Jacob Schatz <jschatz@gitlab.com> | 2017-03-15 21:21:48 +0000 |
|---|---|---|
| committer | DJ Mountney <david@twkie.net> | 2017-03-20 18:51:36 -0700 |
| commit | c5a9d73ad8a141166d871e551027208014a281c0 (patch) | |
| tree | 2c67e06925166205e40c35588732285260bdecdb /app/helpers | |
| parent | 153b594c06c994a8c9b4a92e9c5c33c3cdb4e0e0 (diff) | |
| download | gitlab-ce-c5a9d73ad8a141166d871e551027208014a281c0.tar.gz | |
Merge branch 'fix-links-target-blank' into 'security'
Adds rel="noopener noreferrer" to all links with target="_blank"
See merge request !2071
Diffstat (limited to 'app/helpers')
| -rw-r--r-- | app/helpers/blob_helper.rb | 2 | ||||
| -rw-r--r-- | app/helpers/commits_helper.rb | 2 | ||||
| -rw-r--r-- | app/helpers/import_helper.rb | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/app/helpers/blob_helper.rb b/app/helpers/blob_helper.rb index 0b0c6a07efd..8631bc54509 100644 --- a/app/helpers/blob_helper.rb +++ b/app/helpers/blob_helper.rb @@ -215,6 +215,6 @@ module BlobHelper end def open_raw_file_button(path) - link_to icon('file-code-o'), path, class: 'btn btn-sm has-tooltip', target: '_blank', title: 'Open raw', data: { container: 'body' } + link_to icon('file-code-o'), path, class: 'btn btn-sm has-tooltip', target: '_blank', rel: 'noopener noreferrer', title: 'Open raw', data: { container: 'body' } end end diff --git a/app/helpers/commits_helper.rb b/app/helpers/commits_helper.rb index 8aad39e148b..cef624430da 100644 --- a/app/helpers/commits_helper.rb +++ b/app/helpers/commits_helper.rb @@ -211,7 +211,7 @@ module CommitsHelper external_url = environment.external_url_for(diff_new_path, commit_sha) return unless external_url - link_to(external_url, class: 'btn btn-file-option has-tooltip', target: '_blank', title: "View on #{environment.formatted_external_url}", data: { container: 'body' }) do + link_to(external_url, class: 'btn btn-file-option has-tooltip', target: '_blank', rel: 'noopener noreferrer', title: "View on #{environment.formatted_external_url}", data: { container: 'body' }) do icon('external-link') end end diff --git a/app/helpers/import_helper.rb b/app/helpers/import_helper.rb index a0642a1894b..a57b5a8fea5 100644 --- a/app/helpers/import_helper.rb +++ b/app/helpers/import_helper.rb @@ -7,7 +7,7 @@ module ImportHelper def provider_project_link(provider, path_with_namespace) url = __send__("#{provider}_project_url", path_with_namespace) - link_to path_with_namespace, url, target: '_blank' + link_to path_with_namespace, url, target: '_blank', rel: 'noopener noreferrer' end private |