aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2025-12-18 14:34:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add rel=noopener to external links (#1633)

Browse Source 
* Add rel=noopener to external links to prevent tab napping attacks
This commit is contained in:
Kevin Chung
2020-09-07 16:25:08 -04:00
committed by GitHub
parent 2bc66c1ecb
commit 37ddfa3bc3
10 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CTFd/themes/admin/templates/teams/team.html
View File

@@ -183,7 +183,7 @@
<i class="btn-fa fas fa-network-wired fa-2x px-2" data-toggle="tooltip" data-placement="top" title="IP Addresses"></i> <i class="btn-fa fas fa-network-wired fa-2x px-2" data-toggle="tooltip" data-placement="top" title="IP Addresses"></i>
</a> </a>
{% if team.website %} {% if team.website %}
<a href="{{ team.website }}" target="_blank" class="text-dark"> <a href="{{ team.website }}" target="_blank" class="text-dark" rel="noopener">
<i class="btn-fa fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top" <i class="btn-fa fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top"
title="{{ team.website }}" aria-hidden="true"></i> title="{{ team.website }}" aria-hidden="true"></i>
</a> </a>

2
CTFd/themes/admin/templates/teams/teams.html
View File

@@ -99,7 +99,7 @@
</a> </a>
{% endif %} {% endif %}
{% if team.website %} {% if team.website %}
<a href="{{ team.website }}" target="_blank" class="badge badge-info"> <a href="{{ team.website }}" target="_blank" class="badge badge-info" rel="noopener">
<i class="btn-fa fas fa-external-link-alt" data-toggle="tooltip" data-placement="top" <i class="btn-fa fas fa-external-link-alt" data-toggle="tooltip" data-placement="top"
title="{{ team.website }}" aria-hidden="true"></i> title="{{ team.website }}" aria-hidden="true"></i>
</a> </a>

2
CTFd/themes/admin/templates/users/user.html
View File

@@ -173,7 +173,7 @@
<i class="btn-fa fas fa-network-wired fa-2x px-2" data-toggle="tooltip" data-placement="top" title="IP Addresses"></i> <i class="btn-fa fas fa-network-wired fa-2x px-2" data-toggle="tooltip" data-placement="top" title="IP Addresses"></i>
</a> </a>
{% if user.website %} {% if user.website %}
<a href="{{ user.website }}" target="_blank" class="text-decoration-none text-dark"> <a href="{{ user.website }}" target="_blank" class="text-decoration-none text-dark" rel="noopener">
<i class="btn-fa fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top" <i class="btn-fa fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top"
title="{{ user.website }}" aria-hidden="true"></i> title="{{ user.website }}" aria-hidden="true"></i>
</a> </a>

2
CTFd/themes/admin/templates/users/users.html
View File

@@ -102,7 +102,7 @@
</a> </a>
{% endif %} {% endif %}
{% if user.website %} {% if user.website %}
<a href="{{ user.website }}" target="_blank" class="badge badge-info"> <a href="{{ user.website }}" target="_blank" class="badge badge-info" rel="noopener">
<i class="btn-fa fas fa-external-link-alt" data-toggle="tooltip" data-placement="top" <i class="btn-fa fas fa-external-link-alt" data-toggle="tooltip" data-placement="top"
title="{{ user.website }}" aria-hidden="true"></i> title="{{ user.website }}" aria-hidden="true"></i>
</a> </a>

2
CTFd/themes/core/templates/teams/private.html
View File

@@ -174,7 +174,7 @@
{% endif %} {% endif %}
</a> </a>
{% if team.website and (team.website.startswith('http://') or team.website.startswith('https://')) %} {% if team.website and (team.website.startswith('http://') or team.website.startswith('https://')) %}
<a href="{{ team.website }}" target="_blank" style="color: inherit;"> <a href="{{ team.website }}" target="_blank" style="color: inherit;" rel="noopener">
<i class="fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top" <i class="fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top"
title="{{ team.website }}"></i> title="{{ team.website }}"></i>
</a> </a>

2
CTFd/themes/core/templates/teams/public.html
View File

@@ -50,7 +50,7 @@
<div class="pt-3"> <div class="pt-3">
{% if team.website and (team.website.startswith('http://') or team.website.startswith('https://')) %} {% if team.website and (team.website.startswith('http://') or team.website.startswith('https://')) %}
<a href="{{ team.website }}" target="_blank" style="color: inherit;"> <a href="{{ team.website }}" target="_blank" style="color: inherit;" rel="noopener">
<i class="fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top" <i class="fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top"
title="{{ team.website }}"></i> title="{{ team.website }}"></i>
</a> </a>

2
CTFd/themes/core/templates/teams/teams.html
View File

@@ -69,7 +69,7 @@
</td> </td>
<td class="text-center" style="width: 10px;"> <td class="text-center" style="width: 10px;">
{% if team.website and (team.website.startswith('http://') or team.website.startswith('https://')) %} {% if team.website and (team.website.startswith('http://') or team.website.startswith('https://')) %}
<a href="{{ team.website }}" target="_blank"> <a href="{{ team.website }}" target="_blank" rel="noopener">
<i class="fas fa-external-link-alt" data-toggle="tooltip" data-placement="top" title="{{ team.website }}"></i> <i class="fas fa-external-link-alt" data-toggle="tooltip" data-placement="top" title="{{ team.website }}"></i>
</a> </a>
{% endif %} {% endif %}

2
CTFd/themes/core/templates/users/private.html
View File

@@ -60,7 +60,7 @@
<div class="pt-3"> <div class="pt-3">
{% if user.website %} {% if user.website %}
<a href="{{ user.website }}" target="_blank" style="color: inherit;"> <a href="{{ user.website }}" target="_blank" style="color: inherit;" rel="noopener">
<i class="fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top" <i class="fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top"
title="{{ user.website }}"></i> title="{{ user.website }}"></i>
</a> </a>

2
CTFd/themes/core/templates/users/public.html
View File

@@ -60,7 +60,7 @@
<div class="pt-3"> <div class="pt-3">
{% if user.website %} {% if user.website %}
<a href="{{ user.website }}" target="_blank" style="color: inherit;"> <a href="{{ user.website }}" target="_blank" style="color: inherit;" rel="noopener">
<i class="fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top" <i class="fas fa-external-link-alt fa-2x px-2" data-toggle="tooltip" data-placement="top"
title="{{ user.website }}"></i> title="{{ user.website }}"></i>
</a> </a>

2
CTFd/themes/core/templates/users/users.html
View File

@@ -71,7 +71,7 @@
</td> </td>
<td class="text-center" style="width: 10px;"> <td class="text-center" style="width: 10px;">
{% if user.website and (user.website.startswith('http://') or user.website.startswith('https://')) %} {% if user.website and (user.website.startswith('http://') or user.website.startswith('https://')) %}
<a href="{{ user.website }}" target="_blank"> <a href="{{ user.website }}" target="_blank" rel="noopener">
<i class="fas fa-external-link-alt" data-toggle="tooltip" data-placement="top" <i class="fas fa-external-link-alt" data-toggle="tooltip" data-placement="top"
title="{{ user.website }}"></i> title="{{ user.website }}"></i>
</a> </a>