habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

web: set noopener and noreferrer on all external links (#10304)

Browse Source 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L
2024-07-02 07:29:32 +09:00
committed by GitHub
parent f4ef8f5739
commit 29f3e2789d
20 changed files with 33 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
authentik/core/templates/login/base_full.html
View File

@ -71,7 +71,7 @@
</li> </li>
{% endfor %} {% endfor %}
<li> <li>
<a href="https://goauthentik.io?utm_source=authentik"> <a rel="noopener noreferrer" target="_blank" href="https://goauthentik.io?utm_source=authentik">
{% trans 'Powered by authentik' %} {% trans 'Powered by authentik' %}
</a> </a>
</li> </li>

2
authentik/stages/email/templates/email/base.html
View File

@ -120,7 +120,7 @@
</tr> </tr>
<tr> <tr>
<td align="center"> <td align="center">
Powered by <a href="https://goauthentik.io?utm_source=authentik&utm_medium=email">authentik</a>. Powered by <a rel="noopener noreferrer" target="_blank" href="https://goauthentik.io?utm_source=authentik&utm_medium=email">authentik</a>.
</td> </td>
</tr> </tr>
</table> </table>

2
internal/outpost/proxyv2/templates/error.html
View File

@ -48,7 +48,7 @@
<footer class="pf-c-login__footer"> <footer class="pf-c-login__footer">
<ul class="pf-c-list pf-m-inline"> <ul class="pf-c-list pf-m-inline">
<li> <li>
<a href="https://goauthentik.io?utm_source=authentik_outpost&utm_campaign=proxy_error"> <a rel="noopener noreferrer" target="_blank" href="https://goauthentik.io?utm_source=authentik_outpost&utm_campaign=proxy_error">
Powered by authentik Powered by authentik
</a> </a>
</li> </li>

9
web/src/admin/admin-overview/AdminOverviewPage.ts
View File

@ -208,7 +208,14 @@ export class AdminOverviewPage extends AdminOverviewBase {
return html`<li> return html`<li>
${ex( ${ex(
() => html`<a href="${url}" class="pf-u-mb-xl" target="_blank">${content}</a>`, () =>
html`<a
href="${url}"
class="pf-u-mb-xl"
rel="noopener noreferrer"
target="_blank"
>${content}</a
>`,
() => html`<a href="${url}" class="pf-u-mb-xl" )>${content}</a>`, () => html`<a href="${url}" class="pf-u-mb-xl" )>${content}</a>`,
)} )}
</li>`; </li>`;

2
web/src/admin/admin-overview/cards/VersionStatusCard.ts
View File

@ -56,6 +56,6 @@ export class VersionStatusCard extends AdminStatusCard<Version> {
text = this.value.buildHash?.substring(0, 7); text = this.value.buildHash?.substring(0, 7);
link = `https://github.com/goauthentik/authentik/commit/${this.value.buildHash}`; link = `https://github.com/goauthentik/authentik/commit/${this.value.buildHash}`;
} }
return html`<a href=${link} target="_blank">${text}</a>`; return html`<a rel="noopener noreferrer" href=${link} target="_blank">${text}</a>`;
} }
} }

1
web/src/admin/blueprints/BlueprintForm.ts
View File

@ -157,6 +157,7 @@ export class BlueprintForm extends ModelForm<BlueprintInstance, string> {
${msg("See more about OCI support here:")}&nbsp; ${msg("See more about OCI support here:")}&nbsp;
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink( href="${docLink(
"/developer-docs/blueprints/?utm_source=authentik#storage---oci", "/developer-docs/blueprints/?utm_source=authentik#storage---oci",
)}" )}"

1
web/src/admin/outposts/OutpostDeploymentModal.ts
View File

@ -23,6 +23,7 @@ export class OutpostDeploymentModal extends ModalButton {
<a <a
target="_blank" target="_blank"
href="${docLink("/docs/outposts?utm_source=authentik#deploy")}" href="${docLink("/docs/outposts?utm_source=authentik#deploy")}"
rel="noopener noreferrer"
>${msg("View deployment documentation")}</a >${msg("View deployment documentation")}</a
> >
</p> </p>

9
web/src/admin/outposts/OutpostForm.ts
View File

@ -210,9 +210,11 @@ export class OutpostForm extends ModelForm<Outpost, string> {
)} )}
</p> </p>
<p class="pf-c-form__helper-text"> <p class="pf-c-form__helper-text">
See <a
<a target="_blank" href="${docLink("/docs/outposts?utm_source=authentik")}" target="_blank"
>documentation</a rel="noopener noreferrer"
href="${docLink("/docs/outposts?utm_source=authentik")}"
>${msg("See documentation")}</a
>. >.
</p> </p>
</ak-form-element-horizontal> </ak-form-element-horizontal>
@ -245,6 +247,7 @@ export class OutpostForm extends ModelForm<Outpost, string> {
${msg("See more here:")}&nbsp; ${msg("See more here:")}&nbsp;
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink( href="${docLink(
"/docs/outposts?utm_source=authentik#configuration", "/docs/outposts?utm_source=authentik#configuration",
)}" )}"

1
web/src/admin/policies/expression/ExpressionPolicyForm.ts
View File

@ -85,6 +85,7 @@ export class ExpressionPolicyForm extends BasePolicyForm<ExpressionPolicy> {
<p class="pf-c-form__helper-text"> <p class="pf-c-form__helper-text">
${msg("Expression using Python.")} ${msg("Expression using Python.")}
<a <a
rel="noopener noreferrer"
target="_blank" target="_blank"
href="${docLink("/docs/policies/expression?utm_source=authentik")}" href="${docLink("/docs/policies/expression?utm_source=authentik")}"
> >

1
web/src/admin/property-mappings/PropertyMappingGoogleWorkspaceForm.ts
View File

@ -62,6 +62,7 @@ export class PropertyMappingGoogleWorkspaceForm extends BasePropertyMappingForm<
${msg("Expression using Python.")} ${msg("Expression using Python.")}
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}" href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}"
> >
${msg("See documentation for a list of all variables.")} ${msg("See documentation for a list of all variables.")}

1
web/src/admin/property-mappings/PropertyMappingLDAPForm.ts
View File

@ -71,6 +71,7 @@ export class PropertyMappingLDAPForm extends BasePropertyMappingForm<LDAPPropert
${msg("Expression using Python.")} ${msg("Expression using Python.")}
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}" href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}"
> >
${msg("See documentation for a list of all variables.")} ${msg("See documentation for a list of all variables.")}

1
web/src/admin/property-mappings/PropertyMappingMicrosoftEntraForm.ts
View File

@ -62,6 +62,7 @@ export class PropertyMappingMicrosoftEntraForm extends BasePropertyMappingForm<M
${msg("Expression using Python.")} ${msg("Expression using Python.")}
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}" href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}"
> >
${msg("See documentation for a list of all variables.")} ${msg("See documentation for a list of all variables.")}

1
web/src/admin/property-mappings/PropertyMappingNotification.ts
View File

@ -62,6 +62,7 @@ export class PropertyMappingNotification extends ModelForm<NotificationWebhookMa
${msg("Expression using Python.")} ${msg("Expression using Python.")}
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}" href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}"
> >
${msg("See documentation for a list of all variables.")} ${msg("See documentation for a list of all variables.")}

1
web/src/admin/property-mappings/PropertyMappingRACForm.ts
View File

@ -160,6 +160,7 @@ export class PropertyMappingLDAPForm extends ModelForm<RACPropertyMapping, strin
${msg("Expression using Python.")} ${msg("Expression using Python.")}
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink( href="${docLink(
"/docs/property-mappings/expression?utm_source=authentik", "/docs/property-mappings/expression?utm_source=authentik",
)}" )}"

1
web/src/admin/property-mappings/PropertyMappingSAMLForm.ts
View File

@ -83,6 +83,7 @@ export class PropertyMappingSAMLForm extends BasePropertyMappingForm<SAMLPropert
${msg("Expression using Python.")} ${msg("Expression using Python.")}
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}" href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}"
> >
${msg("See documentation for a list of all variables.")} ${msg("See documentation for a list of all variables.")}

1
web/src/admin/property-mappings/PropertyMappingSCIMForm.ts
View File

@ -56,6 +56,7 @@ export class PropertyMappingSCIMForm extends BasePropertyMappingForm<SCIMMapping
${msg("Expression using Python.")} ${msg("Expression using Python.")}
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}" href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}"
> >
${msg("See documentation for a list of all variables.")} ${msg("See documentation for a list of all variables.")}

1
web/src/admin/property-mappings/PropertyMappingScopeForm.ts
View File

@ -83,6 +83,7 @@ export class PropertyMappingScopeForm extends BasePropertyMappingForm<ScopeMappi
${msg("Expression using Python.")} ${msg("Expression using Python.")}
<a <a
target="_blank" target="_blank"
rel="noopener noreferrer"
href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}" href="${docLink("/docs/property-mappings/expression?utm_source=authentik")}"
> >
${msg("See documentation for a list of all variables.")} ${msg("See documentation for a list of all variables.")}

2
web/src/elements/Markdown.ts
View File

@ -78,7 +78,7 @@ export class Markdown extends AKElement {
const pathName = path.replace(".md", ""); const pathName = path.replace(".md", "");
const link = `docs/${baseName}${pathName}`; const link = `docs/${baseName}${pathName}`;
const url = new URL(link, baseUrl).toString(); const url = new URL(link, baseUrl).toString();
return `href="${url}" _target="blank"`; return `href="${url}" _target="blank" rel="noopener noreferrer"`;
}); });
} }

2
web/src/flow/FlowExecutor.ts
View File

@ -512,6 +512,8 @@ export class FlowExecutor extends Interface implements StageHost {
<li> <li>
<a <a
href="https://goauthentik.io?utm_source=authentik&amp;utm_medium=flow" href="https://goauthentik.io?utm_source=authentik&amp;utm_medium=flow"
target="_blank"
rel="noopener noreferrer"
>${msg("Powered by authentik")}</a >${msg("Powered by authentik")}</a
> >
</li> </li>

2
web/src/user/LibraryPage/ak-library-application-empty-list.ts
View File

@ -54,7 +54,7 @@ export class LibraryPageApplicationEmptyList extends AKElement {
> >
</div> </div>
<div class="pf-c-empty-state__body"> <div class="pf-c-empty-state__body">
<a href="${docLink("/docs/applications")}" target="_blank" <a rel="noopener noreferrer" href="${docLink("/docs/applications")}" target="_blank"
>${msg("Refer to documentation")}</a >${msg("Refer to documentation")}</a
> >
</div> </div>