Fix external links security
This commit is contained in:
parent
358717f693
commit
de9866362e
|
@ -1 +1 @@
|
|||
<a href="{{ .Destination | safeURL }}"{{ with .Title}} title="{{ . }}"{{ end }}{{ if strings.HasPrefix .Destination "http" }} target="_blank"{{ end }}>{{ .Text | markdownify }}</a>
|
||||
<a href="{{ .Destination | safeURL }}"{{ with .Title}} title="{{ . }}"{{ end }}{{ if strings.HasPrefix .Destination "http" }} target="_blank" rel="noopener"{{ end }}>{{ .Text | markdownify }}</a>
|
|
@ -24,7 +24,7 @@
|
|||
{{ end }}
|
||||
{{ .Content }}
|
||||
{{ with .Params.externalUrl }}
|
||||
<p><a class="u-bookmark-of" href="{{ . }}" target="_blank">{{ . }}</a></p>
|
||||
<p><a class="u-bookmark-of" href="{{ . }}" target="_blank" rel="noopener">{{ . }}</a></p>
|
||||
{{ end }}
|
||||
</div>
|
||||
{{ partial "post_tags" . }}
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
<div class="list-header">
|
||||
{{ if .Title }}
|
||||
{{ if (and $showFull .Params.externalURL) }}
|
||||
<a class="u-bookmark-of" href="{{ .Params.externalURL }}" target="_blank">
|
||||
<a class="u-bookmark-of" href="{{ .Params.externalURL }}" target="_blank" rel="noopener">
|
||||
<h2 class="list-title p-name">{{ .Title }}</h2>
|
||||
</a>
|
||||
{{ else }}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{{ if .Param "shareLink" }}
|
||||
<div class="item">
|
||||
<a href="https://www.addtoany.com/share#url={{ .Permalink }}{{ with .Title }}&title={{ . }}{{ end }}" target="_blank" rel="nofollow noopener">{{ T "share" }}</a>
|
||||
<a href="https://www.addtoany.com/share#url={{ .Permalink }}{{ with .Title }}&title={{ . }}{{ end }}" target="_blank" rel="nofollow noopener noreferrer">{{ T "share" }}</a>
|
||||
</div>
|
||||
{{ end }}
|
||||
{{ if .IsTranslated }}
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
<ul class="mentions-list">
|
||||
{{ range sort . ".date" "asc" }}
|
||||
{{ $sourceUrl := urls.Parse .source }}
|
||||
<li class="item"><a href="{{ .source }}" target="_blank" rel="nofollow noopener">{{ $sourceUrl.Host }}</a> <i>{{ dateFormat $dateFormat .date }}</i></li>
|
||||
<li class="item"><a href="{{ .source }}" target="_blank" rel="nofollow noopener noreferrer">{{ $sourceUrl.Host }}</a> <i>{{ dateFormat $dateFormat .date }}</i></li>
|
||||
{{ end }}
|
||||
</ul>
|
||||
</details>
|
||||
|
|
|
@ -16,25 +16,25 @@
|
|||
{{ with .Param "indieweb.reply" }}
|
||||
{{ if .link }}
|
||||
<div class="item">
|
||||
{{ T "meta_reply_to" }}: <a class="u-in-reply-to" href="{{ .link }}" target="_blank">{{ .title | default .link }}</a>
|
||||
{{ T "meta_reply_to" }}: <a class="u-in-reply-to" href="{{ .link }}" target="_blank" rel="noopener">{{ .title | default .link }}</a>
|
||||
</div>
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
{{ with .Param "indieweb.like" }}
|
||||
{{ if .link }}
|
||||
<div class="item">
|
||||
{{ T "meta_like_of" }}: <a class="u-like-of" href="{{ .link }}" target="_blank">{{ .title | default .link }}</a>
|
||||
{{ T "meta_like_of" }}: <a class="u-like-of" href="{{ .link }}" target="_blank" rel="noopener">{{ .title | default .link }}</a>
|
||||
</div>
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
{{ if .Param "shareLink" }}
|
||||
<div class="item">
|
||||
<a href="https://www.addtoany.com/share#url={{ .Permalink }}{{ with .Title }}&title={{ . }}{{ end }}" target="_blank" rel="nofollow noopener">{{ T "share" }}</a>
|
||||
<a href="https://www.addtoany.com/share#url={{ .Permalink }}{{ with .Title }}&title={{ . }}{{ end }}" target="_blank" rel="nofollow noopener noreferrer">{{ T "share" }}</a>
|
||||
</div>
|
||||
{{ end }}
|
||||
{{ with .Param "syndicate" }}
|
||||
<div class="item">
|
||||
{{ T "also_on" }}:{{ $delimiter := "" }}{{ range $index, $link := . }}{{ $delimiter }} <a class="u-syndication" href="{{ $link }}" target="_blank">{{ (urls.Parse $link).Host }}</a>{{ $delimiter = "," }}{{ end }}
|
||||
{{ T "also_on" }}:{{ $delimiter := "" }}{{ range $index, $link := . }}{{ $delimiter }} <a class="u-syndication" href="{{ $link }}" target="_blank" rel="nofollow noopener noreferrer">{{ (urls.Parse $link).Host }}</a>{{ $delimiter = "," }}{{ end }}
|
||||
</div>
|
||||
{{ end }}
|
||||
{{ if .IsTranslated }}
|
||||
|
|
Reference in New Issue