Prevent a target _blank attacks with window.opener

https://mathiasbynens.github.io/rel-noopener/ noopener is implied by noreferrer https://html.spec.whatwg.org/multipage/semantics.html#link-type-noreferrer The API for window.open() does not seem stable yet https://bugzilla.mozilla.org/show_bug.cgi?id=1267339
author: Alexandre Alapetite <alexandre.alapetite@alexandra.dk> 2016-09-07 14:35:51 +0200
committer: Alexandre Alapetite <alexandre.alapetite@alexandra.dk> 2016-09-07 14:35:51 +0200
commit: 8a776f146182bc6870702cfeb87041e3af66b24b (patch)
tree: 5ababee81679d46f7f72d65920170e719fea12d1 /app/views/index/normal.phtml
parent: 03211453704e90c85d5da3a9ef0553e49886de59 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/app/views/index/normal.phtml b/app/views/index/normal.phtml
index 91ebcebd3..6fda11ed9 100644
--- a/app/views/index/normal.phtml
+++ b/app/views/index/normal.phtml
@@ -66,7 +66,7 @@ if (!empty($this->entries)) {
 
 		?><div class="flux_content">
 			<div class="content <?php echo $content_width; ?>">
-				<h1 class="title"><a target="_blank" href="<?php echo $this->entry->link(); ?>"><?php echo $this->entry->title(); ?></a></h1>
+				<h1 class="title"><a target="_blank" rel="noreferrer" href="<?php echo $this->entry->link(); ?>"><?php echo $this->entry->title(); ?></a></h1>
 				<?php
 					$author = $this->entry->author();
 					echo $author != '' ? '<div class="author">' . _t('gen.short.by_author', $author) . '</div>' : '',
author	Alexandre Alapetite <alexandre.alapetite@alexandra.dk>	2016-09-07 14:35:51 +0200
committer	Alexandre Alapetite <alexandre.alapetite@alexandra.dk>	2016-09-07 14:35:51 +0200
commit	8a776f146182bc6870702cfeb87041e3af66b24b (patch)
tree	5ababee81679d46f7f72d65920170e719fea12d1 /app/views/index/normal.phtml
parent	03211453704e90c85d5da3a9ef0553e49886de59 (diff)