mirror of https://github.com/keeweb/keeweb.git
improved link security
This commit is contained in:
parent
ce527f4af5
commit
9312fd105b
|
@ -4,7 +4,7 @@ const FieldViewUrl = FieldViewText.extend({
|
|||
displayUrlRegex: /^http:\/\//i,
|
||||
|
||||
renderValue: function(value) {
|
||||
return value ? '<a href="' + _.escape(this.fixUrl(value)) + '" rel="noreferrer" target="_blank">' + _.escape(this.displayUrl(value)) + '</a>' : '';
|
||||
return value ? '<a href="' + _.escape(this.fixUrl(value)) + '" rel="noreferrer noopener" target="_blank">' + _.escape(this.displayUrl(value)) + '</a>' : '';
|
||||
},
|
||||
|
||||
fixUrl: function(url) {
|
||||
|
|
|
@ -2,6 +2,7 @@ Release notes
|
|||
-------------
|
||||
##### v1.7.8 (2019-03-02)
|
||||
`-` fix #1124: keyboard navigation issues
|
||||
`*` improved link security
|
||||
|
||||
##### v1.7.7 (2019-02-09)
|
||||
`-` another attempt to fix focus issues
|
||||
|
|
Loading…
Reference in New Issue