mirrors/TiddlyWiki5
1
0
Fork 0
mirror of https://github.com/Jermolene/TiddlyWiki5 synced 2024-11-23 10:07:19 +00:00
Code Issues Releases Wiki Activity

Add rel="noopener noreferrer" to external links

Browse Source 
Background:
https://medium.com/@jitbit/target-blank-the-most-underestimated-vulnerab
ility-ever-96e328301f4c#.hduwdbjlb
This commit is contained in:
Jermolene 2016-05-05 11:49:40 +01:00
parent 8a08eee4bd
commit 3a3754aebb
17 changed files with 22 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/modules/parsers/wikiparser/rules/extlink.js
View File

@ -42,7 +42,8 @@ exports.parse = function() {
attributes: {
href: {type: "string", value: this.match[0]},
"class": {type: "string", value: "tc-tiddlylink-external"},
target: {type: "string", value: "_blank"}
target: {type: "string", value: "_blank"},
rel: {type: "string", value: "noopener noreferrer"}
},
children: [{
type: "text", text: this.match[0]

1
core/modules/parsers/wikiparser/rules/prettyextlink.js
View File

@ -106,6 +106,7 @@ exports.parseLink = function(source,pos) {
}
node.attributes.href = {type: "string", value: URL};
node.attributes.target = {type: "string", value: "_blank"};
node.attributes.rel = {type: "string", value: "noopener noreferrer"};
// Update the end position
node.end = closePos + 2;
return node;

3
core/modules/parsers/wikiparser/rules/prettylink.js
View File

@ -40,7 +40,8 @@ exports.parse = function() {
attributes: {
href: {type: "string", value: link},
"class": {type: "string", value: "tc-tiddlylink-external"},
target: {type: "string", value: "_blank"}
target: {type: "string", value: "_blank"},
rel: {type: "string", value: "noopener noreferrer"}
},
children: [{
type: "text", text: text

1
core/modules/savers/download.js
View File

@ -34,6 +34,7 @@ DownloadSaver.prototype.save = function(text,method,callback,options) {
// Set up the link
var link = document.createElement("a");
link.setAttribute("target","_blank");
link.setAttribute("rel","noopener noreferrer");
if(Blob !== undefined) {
var blob = new Blob([text], {type: "text/html"});
link.setAttribute("href", URL.createObjectURL(blob));

1
core/modules/utils/dom/modal.js
View File

@ -102,6 +102,7 @@ Modal.prototype.display = function(title,options) {
var link = document.createElement("a");
link.setAttribute("href",tiddler.fields.help);
link.setAttribute("target","_blank");
link.setAttribute("rel","noopener noreferrer");
link.appendChild(document.createTextNode("Help"));
modalFooterHelp.appendChild(link);
modalFooterHelp.style.float = "left";

2
editions/dev/tiddlers/system/github-fork-ribbon.tid
View File

@ -3,4 +3,4 @@ tags: $:/tags/PageControls
caption: ~GitHub ribbon
description: ~GitHub ribbon for tw5.com/dev
<div class="github-fork-ribbon-wrapper right" style><div class="github-fork-ribbon" style="background-color:#DF4848;"><a href="https://github.com/Jermolene/TiddlyWiki5" target="_blank">Find me on ~GitHub</a></div></div>
<div class="github-fork-ribbon-wrapper right" style><div class="github-fork-ribbon" style="background-color:#DF4848;"><a href="https://github.com/Jermolene/TiddlyWiki5" target="_blank" rel="noopener noreferrer">Find me on ~GitHub</a></div></div>

2
editions/tw5.com/tiddlers/editions/Empty Edition.tid
View File

@ -8,4 +8,4 @@ The "empty" edition of TiddlyWiki is a vanilla distribution, with no additional
The empty edition can be downloaded from:
<a href="empty.html" target="_blank">empty.html</a>
<a href="empty.html" target="_blank" rel="noopener noreferrer">empty.html</a>

2
editions/tw5.com/tiddlers/editions/Full Edition.tid
View File

@ -8,4 +8,4 @@ The "full" edition of TiddlyWiki consists of all the available languages, themes
The full edition can be downloaded from:
<a href="editions/full/index.html" target="_blank">editions/full/index.html</a>
<a href="editions/full/index.html" target="_blank" rel="noopener noreferrer">editions/full/index.html</a>

2
editions/tw5.com/tiddlers/editions/Resume Builder Edition.tid
View File

@ -6,4 +6,4 @@ type: text/vnd.tiddlywiki
The ''Résumé Builder'' edition of TiddlyWiki gets you started with a simple way to create a professional resume that you can save to the web or print.
<a href="editions/resumebuilder/index.html" target="_blank">editions/resumebuilder/index.html</a>
<a href="editions/resumebuilder/index.html" target="_blank" rel="noopener noreferrer">editions/resumebuilder/index.html</a>

2
editions/tw5.com/tiddlers/editions/Text Slicer Edition.tid
View File

@ -6,4 +6,4 @@ type: text/vnd.tiddlywiki
The ''Text-Slicer'' edition of TiddlyWiki contains tools to help advanced users slice long texts up into individual tiddlers.
<a href="editions/text-slicer/index.html" target="_blank">editions/text-slicer/index.html</a>
<a href="editions/text-slicer/index.html" target="_blank" rel="noopener noreferrer">editions/text-slicer/index.html</a>

8
editions/tw5.com/tiddlers/hellothere/HelloThere.tid
View File

@ -18,16 +18,16 @@ Use it to keep your [[to-do list|TaskManagementExample]], to plan an [[essay or
Unlike conventional online services, TiddlyWiki lets you choose where to keep your data, guaranteeing that in the decades to come you will still be able to use the notes you take today.
<div style="font-size:0.7em;text-align:center;margin-top:3em;margin-bottom:3em;">
<a href="http://groups.google.com/group/TiddlyWiki" class="tc-btn-big-green" style="background-color:#FF8C19;" target="_blank">
<a href="http://groups.google.com/group/TiddlyWiki" class="tc-btn-big-green" style="background-color:#FF8C19;" target="_blank" rel="noopener noreferrer">
{{$:/core/images/mail}} ~TiddlyWiki Mailing List
</a>
<a href="http://www.youtube.com/c/JeremyRuston" class="tc-btn-big-green" style="background-color:#e52d27;" target="_blank">
<a href="http://www.youtube.com/c/JeremyRuston" class="tc-btn-big-green" style="background-color:#e52d27;" target="_blank" rel="noopener noreferrer">
{{$:/core/images/video}} ~TiddlyWiki on ~YouTube
</a>
<a href="https://twitter.com/TiddlyWiki" class="tc-btn-big-green" style="background-color:#5E9FCA;" target="_blank">
<a href="https://twitter.com/TiddlyWiki" class="tc-btn-big-green" style="background-color:#5E9FCA;" target="_blank" rel="noopener noreferrer">
{{$:/core/images/twitter}} @~TiddlyWiki on Twitter
</a>
<a href="https://github.com/Jermolene/TiddlyWiki5" class="tc-btn-big-green" style="background-color:#444;" target="_blank">
<a href="https://github.com/Jermolene/TiddlyWiki5" class="tc-btn-big-green" style="background-color:#444;" target="_blank" rel="noopener noreferrer">
{{$:/core/images/github}} ~TiddlyWiki on ~GitHub
</a>
</div>

2
editions/tw5.com/tiddlers/hellothere/What happened to the original TiddlyWiki.tid
View File

@ -3,7 +3,7 @@ tags: HelloThere
created: 201409040851
modified: 201409040851
<a class="tc-float-right tc-bordered-image" href="http://classic.tiddlywiki.com/" target="_blank">[img width="200" [TiddlyWiki Classic.png]]</a>
<a class="tc-float-right tc-bordered-image" href="http://classic.tiddlywiki.com/" target="_blank" rel="noopener noreferrer">[img width="200" [TiddlyWiki Classic.png]]</a>
The original [[Classic|TiddlyWikiClassic]] version of TiddlyWiki is still available at:

2
editions/tw5.com/tiddlers/system/ContributionBanner.tid
View File

@ -7,7 +7,7 @@ https://github.com/Jermolene/TiddlyWiki5/edit/master/editions/tw5.com/tiddlers/$
\end
\define innerMakeGitHubLink(linkText)
<$set name="githubLink" value={{$:/config/OriginalTiddlerPaths##$(draftOfTiddler)$}}>
<a href=<<makeGitHubLink>> class="tc-tiddlylink-external" target="_blank">$linkText$</a>
<a href=<<makeGitHubLink>> class="tc-tiddlylink-external" target="_blank" rel="noopener noreferrer">$linkText$</a>
</$set>
\end
\define outerMakeGitHubLink(linkText)

2
editions/tw5.com/tiddlers/system/Sources.tid
View File

@ -13,7 +13,7 @@ https://github.com/Jermolene/TiddlyWiki5/blob/master/editions/tw5.com/tiddlers/$
\end
\define outerMakeGitHubLink()
<$set name="githubLink" value={{$:/config/OriginalTiddlerPaths##$(currentTiddler)$}}>
<a href=<<makeGitHubLink>> class="tc-tiddlylink-external" target="_blank"><$text text=<<makeGitHubLink>>/></a>
<a href=<<makeGitHubLink>> class="tc-tiddlylink-external" target="_blank" rel="noopener noreferrer"><$text text=<<makeGitHubLink>>/></a>
</$set>
\end
<$list filter="[all[current]!is[system]!is[shadow]]">

2
editions/tw5.com/tiddlers/system/doc-macros.tid
View File

@ -36,7 +36,7 @@ tags: $:/tags/Macro
\define .link(_,to) <$link to="$to$">$_$</$link>
\define .clink(_,to) <span class="doc-clink"><<.link """$_$""" "$to$">></span>
\define .dlink(_,to) <$macrocall $name=".link" _=<<.def "$_$">> to="$to$">/>
\define .dlink-ex(_,to) <a href="$to$" class="tc-tiddlylink-external" target="_blank"><<.def "$_$">></a>
\define .dlink-ex(_,to) <a href="$to$" class="tc-tiddlylink-external" target="_blank" rel="noopener noreferrer"><<.def "$_$">></a>
\define .flink(to) <$macrocall $name=".link" _=<<.field {{$to$!!caption}}>> to="$to$"/>
\define .mlink(_,to) <$macrocall $name=".link" _=<<.var "$_$">> to=<<.mtitle "$_$">>/>
\define .mlink2(_,to) <$macrocall $name=".link" _=<<.var "$_$">> to="$to$"/>

2
plugins/tiddlywiki/powered-by-tiddlywiki/banner.tid
View File

@ -1,6 +1,6 @@
title: $:/plugins/tiddlywiki/powered-by-tiddlywiki/banner
tags: $:/tags/PageTemplate
<a href="http://tiddlywiki.com" target="_blank">
<a href="http://tiddlywiki.com" target="_blank" rel="noopener noreferrer">
[img width="160px" class="tc-powered-by-tiddlywiki-banner" [$:/plugins/tiddlywiki/powered-by-tiddlywiki/powered-by-tiddlywiki.svg]]
</a>

1
plugins/tiddlywiki/railroad/wrapper.js
View File

@ -97,6 +97,7 @@ RailroadWidget.prototype.patchLinks = function(node) {
if(child.attributes["data-tw-external"]) {
// External links are straightforward
child.setAttribute("target","_blank");
child.setAttribute("rel","noopener noreferrer");
} else {
// Each internal link gets its own onclick handler, capturing its own copy of target
(function(myTarget) {