Prevent target='_blank' vulnerability on dynamic link

[tt-rss.git] / plugins / af_psql_trgm / init.php

diff --git a/plugins/af_psql_trgm/init.php b/plugins/af_psql_trgm/init.php
index 8c92be1ab8799873f1d636a65bcc736972140904..542cd720e6934513e58b6d381384a045f3289507 100644 (file)
--- a/plugins/af_psql_trgm/init.php
+++ b/plugins/af_psql_trgm/init.php
@@ -85,7 +85,7 @@ class Af_Psql_Trgm extends Plugin {
                                style='vertical-align : middle'>";
 
                        $article_link = htmlspecialchars($line["link"]);
-                       print " <a target=\"_blank\" href=\"$article_link\">".
+                       print " <a target=\"_blank\" rel=\"noopener noreferrer\" href=\"$article_link\">".
                                $line["title"]."</a>";
 
                        print " (<a href=\"#\" onclick=\"viewfeed({feed:".$line["feed_id"]."})\">".