diff options
-rwxr-xr-x | classes/feeds.php | 12 | ||||
-rw-r--r-- | classes/pref/prefs.php | 4 | ||||
-rw-r--r-- | include/feedbrowser.php | 8 | ||||
-rw-r--r-- | include/functions2.php | 20 | ||||
-rw-r--r-- | plugins/af_psql_trgm/init.php | 2 | ||||
-rw-r--r-- | plugins/share/init.php | 2 |
6 files changed, 25 insertions, 23 deletions
diff --git a/classes/feeds.php b/classes/feeds.php index a41109383..6b96d8364 100755 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -398,7 +398,7 @@ class Feeds extends Handler_Protected { alt=\"Publish article\" onclick='togglePub($id)'>"; } -# $content_link = "<a target=\"_blank\" href=\"".$line["link"]."\">" . +# $content_link = "<a target=\"_blank\" rel=\"noopener noreferrer\" href=\"".$line["link"]."\">" . # $line["title"] . "</a>"; # $content_link = "<a @@ -616,7 +616,7 @@ class Feeds extends Handler_Protected { class=\"titleWrap $hlc_suffix\"> <a class=\"title $hlc_suffix\" title=\"".htmlspecialchars($line["title"])."\" - target=\"_blank\" href=\"". + target=\"_blank\" rel=\"noopener noreferrer\" href=\"". htmlspecialchars($line["link"])."\">". $line["title"] . "</a> <span class=\"author\">$entry_author</span>"; @@ -691,13 +691,13 @@ class Feeds extends Handler_Protected { $tmp_line = $this->dbh->fetch_assoc($tmp_result); - $reply['content'] .= "<a target='_blank' + $reply['content'] .= "<a target='_blank' rel='noopener noreferrer' href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" . $tmp_line['title'] . "</a>"; $reply['content'] .= " "; - $reply['content'] .= "<a target='_blank' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>"; + $reply['content'] .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>"; $reply['content'] .= "<img title='".__('Feed URL')."'class='tinyFeedIcon' src='images/pub_unset.png'></a>"; $reply['content'] .= "</div>"; @@ -746,12 +746,12 @@ class Feeds extends Handler_Protected { $comments_url = htmlspecialchars($line["link"]); } $entry_comments = "<a class=\"postComments\" - target='_blank' href=\"$comments_url\">$num_comments ". + target='_blank' rel='noopener noreferrer' href=\"$comments_url\">$num_comments ". _ngettext("comment", "comments", $num_comments)."</a>"; } else { if ($line["comments"] && $line["link"] != $line["comments"]) { - $entry_comments = "<a class=\"postComments\" target='_blank' href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>"; + $entry_comments = "<a class=\"postComments\" target='_blank' rel='noopener noreferrer' href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>"; } } diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 9a7ab55a0..ece9e8078 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -776,7 +776,7 @@ class Pref_Prefs extends Handler_Protected { print "<td><label><img src='images/$plugin_icon' alt=''> $name</label></td>"; print "<td>" . htmlspecialchars($about[1]); if (@$about[4]) { - print " — <a target=\"_blank\" class=\"visibleLink\" + print " — <a target=\"_blank\" rel=\"noopener noreferrer\" class=\"visibleLink\" href=\"".htmlspecialchars($about[4])."\">".__("more info")."</a>"; } print "</td>"; @@ -835,7 +835,7 @@ class Pref_Prefs extends Handler_Protected { print "<td><label for='FPCHK-$name'><img src='images/$plugin_icon' alt=''> $name</label></td>"; print "<td><label for='FPCHK-$name'>" . htmlspecialchars($about[1]) . "</label>"; if (@$about[4]) { - print " — <a target=\"_blank\" class=\"visibleLink\" + print " — <a target=\"_blank\" rel=\"noopener noreferrer\" class=\"visibleLink\" href=\"".htmlspecialchars($about[4])."\">".__("more info")."</a>"; } print "</td>"; diff --git a/include/feedbrowser.php b/include/feedbrowser.php index 4772420ab..ec4efe15a 100644 --- a/include/feedbrowser.php +++ b/include/feedbrowser.php @@ -59,12 +59,12 @@ $class = ($feedctr % 2) ? "even" : "odd"; - $site_url = "<a target=\"_blank\" + $site_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" href=\"$site_url\"> <span class=\"fb_feedTitle\">". htmlspecialchars($line["title"])."</span></a>"; - $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\" + $feed_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" class=\"fb_feedUrl\" href=\"$feed_url\"><img src='images/pub_set.png' style='vertical-align : middle'></a>"; @@ -87,12 +87,12 @@ $archived = ''; } - $site_url = "<a target=\"_blank\" + $site_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" href=\"$site_url\"> <span class=\"fb_feedTitle\">". htmlspecialchars($line["title"])."</span></a>"; - $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\" + $feed_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" class=\"fb_feedUrl\" href=\"$feed_url\"><img src='images/pub_set.png' style='vertical-align : middle'></a>"; diff --git a/include/functions2.php b/include/functions2.php index d490ae50c..96274b6a0 100644 --- a/include/functions2.php +++ b/include/functions2.php @@ -955,6 +955,7 @@ $a->appendChild(new DOMText($entry->getAttribute('src'))); $a->setAttribute('target', '_blank'); + $a->setAttribute('rel', 'noopener noreferrer'); $p->appendChild($a); @@ -964,6 +965,7 @@ if (strtolower($entry->nodeName) == "a") { $entry->setAttribute("target", "_blank"); + $entry->setAttribute("rel", "noopener noreferrer"); } } @@ -1249,7 +1251,7 @@ </object>"; } - if ($entry) $entry .= " <a target=\"_blank\" + if ($entry) $entry .= " <a target=\"_blank\" rel=\"noopener noreferrer\" href=\"$url\">" . basename($url) . "</a>"; return $entry; @@ -1260,7 +1262,7 @@ /* $filename = substr($url, strrpos($url, "/")+1); - $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\">" . + $entry .= " <a target=\"_blank\" rel=\"noopener noreferrer\" href=\"" . htmlspecialchars($url) . "\">" . $filename . " (" . $ctype . ")" . "</a>"; */ } @@ -1332,12 +1334,12 @@ $comments_url = htmlspecialchars($line["link"]); } $entry_comments = "<a class=\"postComments\" - target='_blank' href=\"$comments_url\">$num_comments ". + target='_blank' rel=\"noopener noreferrer\" href=\"$comments_url\">$num_comments ". _ngettext("comment", "comments", $num_comments)."</a>"; } else { if ($line["comments"] && $line["link"] != $line["comments"]) { - $entry_comments = "<a class=\"postComments\" target='_blank' href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>"; + $entry_comments = "<a class=\"postComments\" target='_blank' rel=\"noopener noreferrer\" href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>"; } } @@ -1373,7 +1375,7 @@ $rv['content'] .= "<div class=\"postDate\">$parsed_updated</div>"; if ($line["link"]) { - $rv['content'] .= "<div class='postTitle'><a target='_blank' + $rv['content'] .= "<div class='postTitle'><a target='_blank' rel='noopener noreferrer' title=\"".htmlspecialchars($line['title'])."\" href=\"" . htmlspecialchars($line["link"]) . "\">" . @@ -1442,13 +1444,13 @@ $tmp_line = db_fetch_assoc($tmp_result); - $rv['content'] .= "<a target='_blank' + $rv['content'] .= "<a target='_blank' rel='noopener noreferrer' href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" . $tmp_line['title'] . "</a>"; $rv['content'] .= " "; - $rv['content'] .= "<a target='_blank' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>"; + $rv['content'] .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>"; $rv['content'] .= "<img title='".__('Feed URL')."' class='tinyFeedIcon' src='images/pub_set.png'></a>"; $rv['content'] .= "</div>"; @@ -1957,7 +1959,7 @@ if ($player) array_push($entries_inline, $player); -# $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\">" . +# $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\" rel=\"noopener noreferrer\">" . # $filename . " (" . $ctype . ")" . "</a>"; $entry = "<div onclick=\"openUrlPopup('".htmlspecialchars($url)."')\" @@ -2005,7 +2007,7 @@ src=\"" .htmlspecialchars($entry["url"]) . "\" " . $encsize . " /></p>"; } else { - $rv .= "<p><a target=\"_blank\" + $rv .= "<p><a target=\"_blank\" rel=\"noopener noreferrer\" href=\"".htmlspecialchars($entry["url"])."\" >" .htmlspecialchars($entry["url"]) . "</a></p>"; } diff --git a/plugins/af_psql_trgm/init.php b/plugins/af_psql_trgm/init.php index 8c92be1ab..542cd720e 100644 --- a/plugins/af_psql_trgm/init.php +++ b/plugins/af_psql_trgm/init.php @@ -85,7 +85,7 @@ class Af_Psql_Trgm extends Plugin { style='vertical-align : middle'>"; $article_link = htmlspecialchars($line["link"]); - print " <a target=\"_blank\" href=\"$article_link\">". + print " <a target=\"_blank\" rel=\"noopener noreferrer\" href=\"$article_link\">". $line["title"]."</a>"; print " (<a href=\"#\" onclick=\"viewfeed({feed:".$line["feed_id"]."})\">". diff --git a/plugins/share/init.php b/plugins/share/init.php index 0f8f8fec1..a028c057b 100644 --- a/plugins/share/init.php +++ b/plugins/share/init.php @@ -100,7 +100,7 @@ class Share extends Plugin { $url_path .= "/public.php?op=share&key=$uuid"; print "<div class=\"tagCloudContainer\">"; - print "<a id='gen_article_url' href='$url_path' target='_blank'>$url_path</a>"; + print "<a id='gen_article_url' href='$url_path' target='_blank' rel='noopener noreferrer'>$url_path</a>"; print "</div>"; /* if (!label_find_id(__('Shared'), $_SESSION["uid"])) |