diff options
| author | Jérémy DECOOL <[email protected]> | 2017-02-12 11:01:36 +0100 |
|---|---|---|
| committer | Jérémy DECOOL <[email protected]> | 2017-02-12 11:01:36 +0100 |
| commit | ba2853caac636d2ae596d74561fa0233567242d4 (patch) | |
| tree | 9e46eabafcddd2e76cd0c8fc4c1498d0b1858757 /plugins/af_psql_trgm | |
| parent | 2187322caee25756d28983f069e291612023c6dc (diff) | |
Prevent target='_blank' vulnerability on dynamic link
Diffstat (limited to 'plugins/af_psql_trgm')
| -rw-r--r-- | plugins/af_psql_trgm/init.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/af_psql_trgm/init.php b/plugins/af_psql_trgm/init.php index 8c92be1ab..542cd720e 100644 --- a/plugins/af_psql_trgm/init.php +++ b/plugins/af_psql_trgm/init.php @@ -85,7 +85,7 @@ class Af_Psql_Trgm extends Plugin { style='vertical-align : middle'>"; $article_link = htmlspecialchars($line["link"]); - print " <a target=\"_blank\" href=\"$article_link\">". + print " <a target=\"_blank\" rel=\"noopener noreferrer\" href=\"$article_link\">". $line["title"]."</a>"; print " (<a href=\"#\" onclick=\"viewfeed({feed:".$line["feed_id"]."})\">". |