This is an automated email from the ASF dual-hosted git repository.
hapylestat pushed a commit to branch branch-2.7
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/branch-2.7 by this push:
new b3a49c8 AMBARI-25494. Ambari - Unsafe third-party link
(target="_blank") (#3191) (hiveww via dgrinenko)
b3a49c8 is described below
commit b3a49c8a42892c1a9274aa02395e2ec01555b607
Author: Alexander Antonenko <[email protected]>
AuthorDate: Tue Jun 30 18:51:26 2020 +0300
AMBARI-25494. Ambari - Unsafe third-party link (target="_blank") (#3191)
(hiveww via dgrinenko)
---
ambari-web/app/assets/index.html | 4 ++--
ambari-web/app/templates/common/about.hbs | 6 +++---
ambari-web/app/templates/main/service/services/hive.hbs | 4 ++--
ambari-web/app/templates/main/service/widgets/create/step1.hbs | 4 ++--
4 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/ambari-web/app/assets/index.html b/ambari-web/app/assets/index.html
index 539a3e2..99f1fe0 100644
--- a/ambari-web/app/assets/index.html
+++ b/ambari-web/app/assets/index.html
@@ -45,8 +45,8 @@
</div>
<footer>
<div class="container footer-links">
- <a data-qa="license-link"
href="http://www.apache.org/licenses/LICENSE-2.0"; target="_blank">Licensed
under the Apache License, Version 2.0</a>.<br>
- <a data-qa="third-party-link" href="/licenses/NOTICE.txt"
target="_blank">See third-party tools/resources that Ambari uses and their
respective authors</a>
+ <a data-qa="license-link"
href="http://www.apache.org/licenses/LICENSE-2.0"; target="_blank" rel="noopener
noreferrer">Licensed under the Apache License, Version 2.0</a>.<br>
+ <a data-qa="third-party-link" href="/licenses/NOTICE.txt"
target="_blank" rel="noopener noreferrer">See third-party tools/resources that
Ambari uses and their respective authors</a>
</div>
</footer>
</body>
diff --git a/ambari-web/app/templates/common/about.hbs
b/ambari-web/app/templates/common/about.hbs
index 00388c8..3042765 100644
--- a/ambari-web/app/templates/common/about.hbs
+++ b/ambari-web/app/templates/common/about.hbs
@@ -27,8 +27,8 @@
{{view.ambariVersion}}
<br />
<br />
- <a href="http://ambari.apache.org/"; target="_blank">{{t
app.aboutAmbari.getInvolved}}</a>
+ <a href="http://ambari.apache.org/"; target="_blank" rel="noopener
noreferrer">{{t app.aboutAmbari.getInvolved}}</a>
<br />
- <a href="http://www.apache.org/licenses/LICENSE-2.0"; target="_blank">{{t
app.aboutAmbari.licensed}}</a>
+ <a href="http://www.apache.org/licenses/LICENSE-2.0"; target="_blank"
rel="noopener noreferrer">{{t app.aboutAmbari.licensed}}</a>
</div>
-</div>
\ No newline at end of file
+</div>
diff --git a/ambari-web/app/templates/main/service/services/hive.hbs
b/ambari-web/app/templates/main/service/services/hive.hbs
index ebd1e28..41126b1 100644
--- a/ambari-web/app/templates/main/service/services/hive.hbs
+++ b/ambari-web/app/templates/main/service/services/hive.hbs
@@ -51,9 +51,9 @@
<div class="row">
<div class="col-md-6 summary-label" style="margin-top:
0px;">{{link.label}}</div>
<div class="col-md-6 summary-value">
- <a href="#" target="_blank" {{action goToView link.viewInstance
target="controller"}}>{{t app.goToView}}</a>
+ <a href="#" target="_blank" rel="noopener noreferrer" {{action
goToView link.viewInstance target="controller"}}>{{t app.goToView}}</a>
</div>
</div>
{{/each}}
</div>
-</div>
\ No newline at end of file
+</div>
diff --git a/ambari-web/app/templates/main/service/widgets/create/step1.hbs
b/ambari-web/app/templates/main/service/widgets/create/step1.hbs
index 80fd23f..c3d9fc3 100644
--- a/ambari-web/app/templates/main/service/widgets/create/step1.hbs
+++ b/ambari-web/app/templates/main/service/widgets/create/step1.hbs
@@ -31,7 +31,7 @@
<div class="row">
<div class="col-md-4">
<div class="icon">
- <a class="widget-icon-image" target="_blank"><img
{{bindAttr src="option.iconPath"}}></a>
+ <a class="widget-icon-image" target="_blank" rel="noopener
noreferrer"><img {{bindAttr src="option.iconPath"}}></a>
</div>
</div>
<div class="label-description col-md-8">
@@ -45,4 +45,4 @@
</div>
</div>
</div>
-</div>
\ No newline at end of file
+</div>
