]> git.wh0rd.org - tt-rss.git/commitdiff
git.wh0rd.org / tt-rss.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 2187322 ba2853c)
Merge branch 'fix-target-blank-vulnerability' into 'master'
authorAndrew Dolgov <cthulhoo@gmail.com>
Sun, 12 Feb 2017 11:19:37 +0000 (14:19 +0300)
committerAndrew Dolgov <cthulhoo@gmail.com>
Sun, 12 Feb 2017 11:19:37 +0000 (14:19 +0300)
Prevent target='_blank' vulnerability on dynamic link

This merge request refere to https://tt-rss.org/forum/viewtopic.php?f=8&t=4048

It fix the issue I enconter on some feeds I follow.
Just need to add "noopener" and "noreferrer" on "_blank" link to avoid the vulnerability.

See merge request !46


Trivial merge
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/