[tryton-commits] changeset in sao:5.2 Add noreferrer noopener to external URL

Cédric Krier Mon, 09 Mar 2020 10:44:53 -0700

changeset 2083a2128a0f in sao:5.2
details: https://hg.tryton.org/sao?cmd=changeset;node=2083a2128a0f
description:
        Add noreferrer noopener to external URL


        issue9089
        review289401002
        (grafted from ecd678a55935a666e61c429a6acd631f35484b5f)
diffstat:

 CHANGELOG        |  2 ++
 src/common.js    |  3 ++-
 src/view/form.js |  4 +++-
 src/view/tree.js |  8 ++++----
 4 files changed, 11 insertions(+), 6 deletions(-)

diffs (75 lines):

diff -r f0847be11c0e -r 2083a2128a0f CHANGELOG
--- a/CHANGELOG Sat Feb 29 00:53:43 2020 +0100
+++ b/CHANGELOG Mon Mar 09 18:08:24 2020 +0100
@@ -1,3 +1,5 @@
+* Add noreferrer noopener to external URL (issue9089)
+
 Version 5.2.11 - 2020-02-02
 * Bug fixes (see mercurial logs for details)
 
diff -r f0847be11c0e -r 2083a2128a0f src/common.js
--- a/src/common.js     Sat Feb 29 00:53:43 2020 +0100
+++ b/src/common.js     Mon Mar 09 18:08:24 2020 +0100
@@ -3144,7 +3144,8 @@
                     .append(jQuery('<a/>', {
                         'class': 'btn btn-link',
                         href: Sao.config.bug_url,
-                        target: '_blank'
+                        target: '_blank',
+                        rel: 'noreferrer noopener',
                     }).text(Sao.i18n.gettext('Report Bug')))));
             jQuery('<button/>', {
                 'class': 'btn btn-primary',
diff -r f0847be11c0e -r 2083a2128a0f src/view/form.js
--- a/src/view/form.js  Sat Feb 29 00:53:43 2020 +0100
+++ b/src/view/form.js  Mon Mar 09 18:08:24 2020 +0100
@@ -3738,7 +3738,8 @@
             Sao.View.Form.URL._super.init.call(this, view, attributes);
             this.button = jQuery('<a/>', {
                 'class': 'btn btn-default',
-                'target': '_new'
+                'target': '_blank',
+                'rel': 'noreferrer noopener',
             }).appendTo(jQuery('<span/>', {
                 'class': 'input-group-btn'
             }).appendTo(this.group));
@@ -3820,6 +3821,7 @@
             this.button = jQuery('<a/>', {
                 'class': 'btn btn-lnk',
                 'target': '_blank',
+                'rel': 'noreferrer noopener',
             }).text(attributes.string).appendTo(this.el);
             if (attributes.translate) {
                 var button = jQuery('<button/>', {
diff -r f0847be11c0e -r 2083a2128a0f src/view/tree.js
--- a/src/view/tree.js  Sat Feb 29 00:53:43 2020 +0100
+++ b/src/view/tree.js  Mon Mar 09 18:08:24 2020 +0100
@@ -1517,7 +1517,8 @@
             var cell;
             if (this.protocol) {
                 cell = jQuery('<a/>', {
-                    'target': '_new'
+                    'target': '_blank',
+                    'rel': 'noreferrer noopener',
                 });
                 cell.append(jQuery('<img/>'));
                 cell.click({'cell': cell}, this.clicked.bind(this));
@@ -1558,7 +1559,7 @@
                                 break;
                         }
                     }
-                    cell.attr('src', value);
+                    cell.attr('href', value);
                 }
                 if (this.icon) {
                     if (this.icon in record.model.fields) {
@@ -1589,8 +1590,7 @@
             return cell;
         },
         clicked: function(event) {
-            event.preventDefault();  // prevent edition
-            window.open(event.data.cell.attr('src'), '_blank');
+            event.stopPropagation();  // prevent edition
         }
     });

[tryton-commits] changeset in sao:5.2 Add noreferrer noopener to external URL

Reply via email to