authorJérémy DECOOL <[email protected]>2017-02-12 11:01:36 +0100
committerJérémy DECOOL <[email protected]>2017-02-12 11:01:36 +0100
commitba2853caac636d2ae596d74561fa0233567242d4 (patch)
tree9e46eabafcddd2e76cd0c8fc4c1498d0b1858757 /include
parent2187322caee25756d28983f069e291612023c6dc (diff)
Prevent target='_blank' vulnerability on dynamic link
Diffstat (limited to 'include')
-rw-r--r--include/feedbrowser.php8
-rw-r--r--include/functions2.php20
2 files changed, 15 insertions, 13 deletions
diff --git a/include/feedbrowser.php b/include/feedbrowser.php
index 4772420ab..ec4efe15a 100644
--- a/include/feedbrowser.php
+++ b/include/feedbrowser.php
@@ -59,12 +59,12 @@
$class = ($feedctr % 2) ? "even" : "odd";
- $site_url = "<a target=\"_blank\"
+ $site_url = "<a target=\"_blank\" rel=\"noopener noreferrer\"
href=\"$site_url\">
<span class=\"fb_feedTitle\">".
htmlspecialchars($line["title"])."</span></a>";
- $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
+ $feed_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" class=\"fb_feedUrl\"
href=\"$feed_url\"><img src='images/pub_set.png'
style='vertical-align : middle'></a>";
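Review bot: The `rel` attribute only closes the window.opener channel; it does nothing if `$site_url` or `$feed_url` on the `href=` lines carries a `javascript:` scheme, and in the feed browser these values presumably come from other users' subscriptions. `htmlspecialchars` would not block that either, whether or not it was applied where the variables are assigned above the hunk. A scheme check before building the anchor closes the gap, e.g. `if (!preg_match('#^https?://#i', $site_url)) $site_url = '';` and the same for `$feed_url`. The enclosing loop starts and ends outside the hunk.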
@@ -87,12 +87,12 @@
$archived = '';
}
- $site_url = "<a target=\"_blank\"
+ $site_url = "<a target=\"_blank\" rel=\"noopener noreferrer\"
href=\"$site_url\">
<span class=\"fb_feedTitle\">".
htmlspecialchars($line["title"])."</span></a>";
- $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
+ $feed_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" class=\"fb_feedUrl\"
href=\"$feed_url\"><img src='images/pub_set.png'
style='vertical-align : middle'></a>";
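Review bot: This anchor-building block is a verbatim copy of the one in the previous hunk, and the commit had to patch the `target`/`rel` pair in both places; a small helper would give a single point to keep them in sync. Something like `function fb_external_link($url, $inner, $class = '') { return "<a target=\"_blank\" rel=\"noopener noreferrer\" class=\"$class\" href=\"$url\">$inner</a>"; }` called from both branches, with the scheme check for `$url` done once inside it. The enclosing loop starts and ends outside the hunk.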
diff --git a/include/functions2.php b/include/functions2.php
index d490ae50c..96274b6a0 100644
--- a/include/functions2.php
+++ b/include/functions2.php
@@ -955,6 +955,7 @@
$a->appendChild(new DOMText($entry->getAttribute('src')));
$a->setAttribute('target', '_blank');
+ $a->setAttribute('rel', 'noopener noreferrer');
$p->appendChild($a);
@@ -964,6 +965,7 @@
if (strtolower($entry->nodeName) == "a") {
$entry->setAttribute("target", "_blank");
+ $entry->setAttribute("rel", "noopener noreferrer");
}
}
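Review bot: `setAttribute("rel", "noopener noreferrer")` on an existing anchor replaces whatever `rel` the feed markup already carried (`nofollow`, `tag`, …) rather than adding to it, unlike the previous hunk where the anchor is freshly created. If those tokens are worth keeping, merge instead: `$entry->setAttribute("rel", trim($entry->getAttribute("rel") . " noopener noreferrer"));`. Note also that `rel` only guards the opener; a `javascript:` `href` on the same element is untouched by this loop, so that is presumably handled elsewhere in the sanitizer and worth confirming. The enclosing function starts and ends outside the hunk.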
@@ -1249,7 +1251,7 @@
</object>";
}
- if ($entry) $entry .= "&nbsp; <a target=\"_blank\"
+ if ($entry) $entry .= "&nbsp; <a target=\"_blank\" rel=\"noopener noreferrer\"
href=\"$url\">" . basename($url) . "</a>";
return $entry;
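Review bot: `$url` is interpolated raw into `href=\"$url\"` and `basename($url)` is emitted raw as the link text, while the commented-out variant in the next hunk runs `$url` through `htmlspecialchars`; a double quote or `<` in an enclosure URL would break out of the attribute or inject markup, and the new `rel` attribute does not help with that. Suggested line: `href=\"" . htmlspecialchars($url) . "\">" . htmlspecialchars(basename($url)) . "</a>";`. Whether `$url` was already escaped before this point is not visible, since the function starts above the hunk, so confirm before relying on it.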
@@ -1260,7 +1262,7 @@
/* $filename = substr($url, strrpos($url, "/")+1);
- $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\">" .
+ $entry .= " <a target=\"_blank\" rel=\"noopener noreferrer\" href=\"" . htmlspecialchars($url) . "\">" .
$filename . " (" . $ctype . ")" . "</a>"; */
}
@@ -1332,12 +1334,12 @@
$comments_url = htmlspecialchars($line["link"]);
}
$entry_comments = "<a class=\"postComments\"
- target='_blank' href=\"$comments_url\">$num_comments ".
+ target='_blank' rel=\"noopener noreferrer\" href=\"$comments_url\">$num_comments ".
_ngettext("comment", "comments", $num_comments)."</a>";
} else {
if ($line["comments"] && $line["link"] != $line["comments"]) {
- $entry_comments = "<a class=\"postComments\" target='_blank' href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>";
+ $entry_comments = "<a class=\"postComments\" target='_blank' rel=\"noopener noreferrer\" href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>";
}
}
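Review bot: The new attribute is written double-quoted (`rel=\"noopener noreferrer\"`) right next to the existing single-quoted `target='_blank'` on the same tag, on line 77 and again on line 82, which makes the tag harder to scan and to grep for; pick one quoting style per tag, e.g. `target=\"_blank\" rel=\"noopener noreferrer\"`. Line 82 is also a single very long concatenation; splitting it across lines like the branch above keeps the diff readable. The enclosing function starts and ends outside the hunk.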
@@ -1373,7 +1375,7 @@
$rv['content'] .= "<div class=\"postDate\">$parsed_updated</div>";
if ($line["link"]) {
- $rv['content'] .= "<div class='postTitle'><a target='_blank'
+ $rv['content'] .= "<div class='postTitle'><a target='_blank' rel='noopener noreferrer'
title=\"".htmlspecialchars($line['title'])."\"
href=\"" .
htmlspecialchars($line["link"]) . "\">" .
@@ -1442,13 +1444,13 @@
$tmp_line = db_fetch_assoc($tmp_result);
- $rv['content'] .= "<a target='_blank'
+ $rv['content'] .= "<a target='_blank' rel='noopener noreferrer'
href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" .
$tmp_line['title'] . "</a>";
$rv['content'] .= "&nbsp;";
- $rv['content'] .= "<a target='_blank' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
+ $rv['content'] .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
$rv['content'] .= "<img title='".__('Feed URL')."' class='tinyFeedIcon' src='images/pub_set.png'></a>";
$rv['content'] .= "</div>";
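Review bot: `$tmp_line['title']` is concatenated unescaped as the link text on line 98 while the neighbouring `site_url` and `feed_url` values on lines 97 and 101 go through `htmlspecialchars`; a feed title containing markup would be rendered as HTML here unless titles are sanitized on insert, which is not visible from this hunk. Use `htmlspecialchars($tmp_line['title'])`. Separately, `href=' "` on line 97 leaves a leading space inside the attribute value; browsers strip it, but it reads as a typo and should be `href='" . htmlspecialchars($tmp_line['site_url']) . "'>"`. The enclosing function starts and ends outside the hunk.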
@@ -1957,7 +1959,7 @@
if ($player) array_push($entries_inline, $player);
-# $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\">" .
+# $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\" rel=\"noopener noreferrer\">" .
# $filename . " (" . $ctype . ")" . "</a>";
$entry = "<div onclick=\"openUrlPopup('".htmlspecialchars($url)."')\"
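Review bot: The only live line in this hunk, `openUrlPopup('".htmlspecialchars($url)."')`, places `$url` inside a single-quoted JavaScript string within a double-quoted attribute, and `htmlspecialchars` with its default flags on PHP of this era does not encode `'`, so a URL containing a single quote terminates the JS string inside the `onclick` handler. At minimum use `htmlspecialchars($url, ENT_QUOTES)`; better, avoid the inline handler and attach the click in script with the URL in a data attribute. The line the commit changes is a comment, so the `rel` addition there has no effect. The enclosing function runs outside the hunk.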
@@ -2005,7 +2007,7 @@
src=\"" .htmlspecialchars($entry["url"]) . "\"
" . $encsize . " /></p>";
} else {
- $rv .= "<p><a target=\"_blank\"
+ $rv .= "<p><a target=\"_blank\" rel=\"noopener noreferrer\"
href=\"".htmlspecialchars($entry["url"])."\"
>" .htmlspecialchars($entry["url"]) . "</a></p>";
}