improve lighthouse best practices audit (#863)
* improve safety of cross origin links * add additional safety for cross origin links * remove duplicates
This commit is contained in:
parent
c0b11d4fa3
commit
587731583f
11 changed files with 29 additions and 3 deletions
1
ui/src/components/comment-form.tsx
vendored
1
ui/src/components/comment-form.tsx
vendored
|
@ -185,6 +185,7 @@ export class CommentForm extends Component<CommentFormProps, CommentFormState> {
|
||||||
target="_blank"
|
target="_blank"
|
||||||
class="d-inline-block float-right text-muted font-weight-bold"
|
class="d-inline-block float-right text-muted font-weight-bold"
|
||||||
title={i18n.t('formatting_help')}
|
title={i18n.t('formatting_help')}
|
||||||
|
rel="noopener"
|
||||||
>
|
>
|
||||||
<svg class="icon icon-inline">
|
<svg class="icon icon-inline">
|
||||||
<use xlinkHref="#icon-help-circle"></use>
|
<use xlinkHref="#icon-help-circle"></use>
|
||||||
|
|
1
ui/src/components/community.tsx
vendored
1
ui/src/components/community.tsx
vendored
|
@ -217,6 +217,7 @@ export class Community extends Component<any, State> {
|
||||||
}`}
|
}`}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
title="RSS"
|
title="RSS"
|
||||||
|
rel="noopener"
|
||||||
>
|
>
|
||||||
<svg class="icon text-muted small">
|
<svg class="icon text-muted small">
|
||||||
<use xlinkHref="#icon-rss">#</use>
|
<use xlinkHref="#icon-rss">#</use>
|
||||||
|
|
8
ui/src/components/iframely-card.tsx
vendored
8
ui/src/components/iframely-card.tsx
vendored
|
@ -44,7 +44,12 @@ export class IFramelyCard extends Component<
|
||||||
</span>
|
</span>
|
||||||
) : (
|
) : (
|
||||||
<span>
|
<span>
|
||||||
<a class="text-body" target="_blank" href={post.url}>
|
<a
|
||||||
|
class="text-body"
|
||||||
|
target="_blank"
|
||||||
|
href={post.url}
|
||||||
|
rel="noopener"
|
||||||
|
>
|
||||||
{post.embed_title}
|
{post.embed_title}
|
||||||
</a>
|
</a>
|
||||||
</span>
|
</span>
|
||||||
|
@ -55,6 +60,7 @@ export class IFramelyCard extends Component<
|
||||||
class="text-muted font-italic"
|
class="text-muted font-italic"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
href={post.url}
|
href={post.url}
|
||||||
|
rel="noopener"
|
||||||
>
|
>
|
||||||
{new URL(post.url).hostname}
|
{new URL(post.url).hostname}
|
||||||
<svg class="ml-1 icon">
|
<svg class="ml-1 icon">
|
||||||
|
|
1
ui/src/components/inbox.tsx
vendored
1
ui/src/components/inbox.tsx
vendored
|
@ -109,6 +109,7 @@ export class Inbox extends Component<any, InboxState> {
|
||||||
href={`/feeds/inbox/${UserService.Instance.auth}.xml`}
|
href={`/feeds/inbox/${UserService.Instance.auth}.xml`}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
title="RSS"
|
title="RSS"
|
||||||
|
rel="noopener"
|
||||||
>
|
>
|
||||||
<svg class="icon ml-2 text-muted small">
|
<svg class="icon ml-2 text-muted small">
|
||||||
<use xlinkHref="#icon-rss">#</use>
|
<use xlinkHref="#icon-rss">#</use>
|
||||||
|
|
2
ui/src/components/main.tsx
vendored
2
ui/src/components/main.tsx
vendored
|
@ -452,6 +452,7 @@ export class Main extends Component<any, MainState> {
|
||||||
<a
|
<a
|
||||||
href={`/feeds/all.xml?sort=${SortType[this.state.sort]}`}
|
href={`/feeds/all.xml?sort=${SortType[this.state.sort]}`}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener"
|
||||||
title="RSS"
|
title="RSS"
|
||||||
>
|
>
|
||||||
<svg class="icon text-muted small">
|
<svg class="icon text-muted small">
|
||||||
|
@ -467,6 +468,7 @@ export class Main extends Component<any, MainState> {
|
||||||
}`}
|
}`}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
title="RSS"
|
title="RSS"
|
||||||
|
rel="noopener"
|
||||||
>
|
>
|
||||||
<svg class="icon text-muted small">
|
<svg class="icon text-muted small">
|
||||||
<use xlinkHref="#icon-rss">#</use>
|
<use xlinkHref="#icon-rss">#</use>
|
||||||
|
|
2
ui/src/components/post-form.tsx
vendored
2
ui/src/components/post-form.tsx
vendored
|
@ -222,6 +222,7 @@ export class PostForm extends Component<PostFormProps, PostFormState> {
|
||||||
)}`}
|
)}`}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
class="mr-2 d-inline-block float-right text-muted small font-weight-bold"
|
class="mr-2 d-inline-block float-right text-muted small font-weight-bold"
|
||||||
|
rel="noopener"
|
||||||
>
|
>
|
||||||
{i18n.t('archive_link')}
|
{i18n.t('archive_link')}
|
||||||
</a>
|
</a>
|
||||||
|
@ -302,6 +303,7 @@ export class PostForm extends Component<PostFormProps, PostFormState> {
|
||||||
<a
|
<a
|
||||||
href={markdownHelpUrl}
|
href={markdownHelpUrl}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener"
|
||||||
class="d-inline-block float-right text-muted font-weight-bold"
|
class="d-inline-block float-right text-muted font-weight-bold"
|
||||||
title={i18n.t('formatting_help')}
|
title={i18n.t('formatting_help')}
|
||||||
>
|
>
|
||||||
|
|
4
ui/src/components/post-listing.tsx
vendored
4
ui/src/components/post-listing.tsx
vendored
|
@ -197,6 +197,7 @@ export class PostListing extends Component<PostListingProps, PostListingState> {
|
||||||
className="text-body"
|
className="text-body"
|
||||||
href={post.url}
|
href={post.url}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener"
|
||||||
title={post.url}
|
title={post.url}
|
||||||
>
|
>
|
||||||
{this.imgThumb(this.getImage(true))}
|
{this.imgThumb(this.getImage(true))}
|
||||||
|
@ -227,6 +228,7 @@ export class PostListing extends Component<PostListingProps, PostListingState> {
|
||||||
href={post.url}
|
href={post.url}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
title={post.url}
|
title={post.url}
|
||||||
|
rel="noopener"
|
||||||
>
|
>
|
||||||
<svg class="icon thumbnail">
|
<svg class="icon thumbnail">
|
||||||
<use xlinkHref="#icon-external-link"></use>
|
<use xlinkHref="#icon-external-link"></use>
|
||||||
|
@ -303,6 +305,7 @@ export class PostListing extends Component<PostListingProps, PostListingState> {
|
||||||
href={post.url}
|
href={post.url}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
title={post.url}
|
title={post.url}
|
||||||
|
rel="noopener"
|
||||||
>
|
>
|
||||||
{post.name}
|
{post.name}
|
||||||
</a>
|
</a>
|
||||||
|
@ -323,6 +326,7 @@ export class PostListing extends Component<PostListingProps, PostListingState> {
|
||||||
href={post.url}
|
href={post.url}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
title={post.url}
|
title={post.url}
|
||||||
|
rel="noopener"
|
||||||
>
|
>
|
||||||
{hostname(post.url)}
|
{hostname(post.url)}
|
||||||
<svg class="ml-1 icon icon-inline">
|
<svg class="ml-1 icon icon-inline">
|
||||||
|
|
2
ui/src/components/private-message-form.tsx
vendored
2
ui/src/components/private-message-form.tsx
vendored
|
@ -175,6 +175,7 @@ export class PrivateMessageForm extends Component<
|
||||||
<a
|
<a
|
||||||
class="alert-link"
|
class="alert-link"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener"
|
||||||
href="https://about.riot.im/"
|
href="https://about.riot.im/"
|
||||||
>
|
>
|
||||||
#
|
#
|
||||||
|
@ -236,6 +237,7 @@ export class PrivateMessageForm extends Component<
|
||||||
<a
|
<a
|
||||||
href={markdownHelpUrl}
|
href={markdownHelpUrl}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener"
|
||||||
class="text-muted"
|
class="text-muted"
|
||||||
title={i18n.t('formatting_help')}
|
title={i18n.t('formatting_help')}
|
||||||
>
|
>
|
||||||
|
|
1
ui/src/components/sort-select.tsx
vendored
1
ui/src/components/sort-select.tsx
vendored
|
@ -47,6 +47,7 @@ export class SortSelect extends Component<SortSelectProps, SortSelectState> {
|
||||||
className="text-muted"
|
className="text-muted"
|
||||||
href={sortingHelpUrl}
|
href={sortingHelpUrl}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener"
|
||||||
title={i18n.t('sorting_help')}
|
title={i18n.t('sorting_help')}
|
||||||
>
|
>
|
||||||
<svg class={`icon icon-inline`}>
|
<svg class={`icon icon-inline`}>
|
||||||
|
|
2
ui/src/components/sponsors.tsx
vendored
2
ui/src/components/sponsors.tsx
vendored
|
@ -89,7 +89,7 @@ export class Sponsors extends Component<any, any> {
|
||||||
{silver.map(s => (
|
{silver.map(s => (
|
||||||
<div class="card col-12 col-md-2">
|
<div class="card col-12 col-md-2">
|
||||||
<div>
|
<div>
|
||||||
<a href={s.link} target="_blank">
|
<a href={s.link} target="_blank" rel="noopener">
|
||||||
💎 {s.name}
|
💎 {s.name}
|
||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
|
|
8
ui/src/components/user.tsx
vendored
8
ui/src/components/user.tsx
vendored
|
@ -317,6 +317,7 @@ export class User extends Component<any, UserState> {
|
||||||
SortType[this.state.sort]
|
SortType[this.state.sort]
|
||||||
}`}
|
}`}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener"
|
||||||
title="RSS"
|
title="RSS"
|
||||||
>
|
>
|
||||||
<svg class="icon mx-2 text-muted small">
|
<svg class="icon mx-2 text-muted small">
|
||||||
|
@ -463,6 +464,7 @@ export class User extends Component<any, UserState> {
|
||||||
!this.state.user.matrix_user_id && 'disabled'
|
!this.state.user.matrix_user_id && 'disabled'
|
||||||
}`}
|
}`}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener"
|
||||||
href={`https://matrix.to/#/${this.state.user.matrix_user_id}`}
|
href={`https://matrix.to/#/${this.state.user.matrix_user_id}`}
|
||||||
>
|
>
|
||||||
{i18n.t('send_secure_message')}
|
{i18n.t('send_secure_message')}
|
||||||
|
@ -586,7 +588,11 @@ export class User extends Component<any, UserState> {
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group row">
|
<div class="form-group row">
|
||||||
<label class="col-lg-5 col-form-label">
|
<label class="col-lg-5 col-form-label">
|
||||||
<a href="https://about.riot.im/" target="_blank">
|
<a
|
||||||
|
href="https://about.riot.im/"
|
||||||
|
target="_blank"
|
||||||
|
rel="noopener"
|
||||||
|
>
|
||||||
{i18n.t('matrix_user_id')}
|
{i18n.t('matrix_user_id')}
|
||||||
</a>
|
</a>
|
||||||
</label>
|
</label>
|
||||||
|
|
Loading…
Reference in a new issue