mirror of https://github.com/keeweb/keeweb.git
improved link security
This commit is contained in:
parent
ce527f4af5
commit
9312fd105b
|
@ -4,7 +4,7 @@ const FieldViewUrl = FieldViewText.extend({
|
||||||
displayUrlRegex: /^http:\/\//i,
|
displayUrlRegex: /^http:\/\//i,
|
||||||
|
|
||||||
renderValue: function(value) {
|
renderValue: function(value) {
|
||||||
return value ? '<a href="' + _.escape(this.fixUrl(value)) + '" rel="noreferrer" target="_blank">' + _.escape(this.displayUrl(value)) + '</a>' : '';
|
return value ? '<a href="' + _.escape(this.fixUrl(value)) + '" rel="noreferrer noopener" target="_blank">' + _.escape(this.displayUrl(value)) + '</a>' : '';
|
||||||
},
|
},
|
||||||
|
|
||||||
fixUrl: function(url) {
|
fixUrl: function(url) {
|
||||||
|
|
|
@ -2,6 +2,7 @@ Release notes
|
||||||
-------------
|
-------------
|
||||||
##### v1.7.8 (2019-03-02)
|
##### v1.7.8 (2019-03-02)
|
||||||
`-` fix #1124: keyboard navigation issues
|
`-` fix #1124: keyboard navigation issues
|
||||||
|
`*` improved link security
|
||||||
|
|
||||||
##### v1.7.7 (2019-02-09)
|
##### v1.7.7 (2019-02-09)
|
||||||
`-` another attempt to fix focus issues
|
`-` another attempt to fix focus issues
|
||||||
|
|
Loading…
Reference in New Issue