Home Explore Help
Register Sign In
apache
/
zookeeper
mirror of https://gitee.com/apache/zookeeper.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

ZOOKEEPER-3238: Adding noreferrer to target blank link

In zookeeper-contrib-huebrowser, there is a link that uses target="_blank". Best security practise is to also add rel="noopener noreferrer". See for example: https://dev.to/ben/the-targetblank-vulnerability-by-example.

Note I did not test this as I do not use hue. However it is a fairly trivial change.

Author: Colm O hEigeartaigh <coheigea@apache.org>

Reviewers: andor@apache.org

Closes #762 from coheigea/add_noreferrer
Colm O hEigeartaigh 6 years ago
parent
4a85ce2dc3
commit
e1e69b986e
1 changed files with 1 additions and 1 deletions
Unified View Show Diff Stats
  1. 1 1
      zookeeper-contrib/zookeeper-contrib-huebrowser/zkui/src/zkui/templates/tree.mako

+ 1 - 1
zookeeper-contrib/zookeeper-contrib-huebrowser/zkui/src/zkui/templates/tree.mako
View File 

@@ -69,7 +69,7 @@ ${shared.header("ZooKeeper Browser > Tree > %s > %s" % (cluster['nice_name'], pa
 
 </table>
 
 </table>
 
 
 
 <br />
 
 <br />
 
-<a target="_blank" href="http://zookeeper.apache.org/docs/current/zookeeperProgrammers.html#sc_zkStatStructure">Details on stat information.</a>
 
+<a target="_blank" rel="noopener noreferrer" href="http://zookeeper.apache.org/docs/current/zookeeperProgrammers.html#sc_zkStatStructure">Details on stat information.</a>
 
 
 
 ${shared.footer()}
 
 ${shared.footer()}