jenkins-bot has submitted this change and it was merged.
Change subject: Annotate survey link with rel=noreferrer
......................................................................
Annotate survey link with rel=noreferrer
Don't leak referrer information or `window.opener` to the survey hosting
site.
Bug: T129177
Change-Id: I828bd01391bc1e034fe5655d89209b83f192b112
---
M resources/ext.popups.renderer.article.js
1 file changed, 7 insertions(+), 0 deletions(-)
Approvals:
Jdlrobson: Looks good to me, approved
jenkins-bot: Verified
diff --git a/resources/ext.popups.renderer.article.js
b/resources/ext.popups.renderer.article.js
index 02bfccd..b8440df 100644
--- a/resources/ext.popups.renderer.article.js
+++ b/resources/ext.popups.renderer.article.js
@@ -151,6 +151,13 @@
.attr( 'href', article.surveyLink )
.attr( 'target', '_blank' )
.attr( 'title', mw.message(
'popups-send-feedback' ) )
+
+ // Don't leak referrer information to the site
hosting the survey. N.B. that
+ // `rel=noreferrer` implies `rel=noopener`. See
+ //
https://html.spec.whatwg.org/multipage/semantics.html#link-type-noreferrer for
more
+ // information.
+ .attr( 'rel', 'noreferrer' )
+
.addClass( 'mwe-popups-icon
mwe-popups-survey-icon' );
$footer.append( $surveyImage );
}
--
To view, visit https://gerrit.wikimedia.org/r/288198
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I828bd01391bc1e034fe5655d89209b83f192b112
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/Popups
Gerrit-Branch: master
Gerrit-Owner: Phuedx <[email protected]>
Gerrit-Reviewer: Jdlrobson <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
