mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-06 08:26:50 +01:00
36 lines
1.2 KiB
Diff
36 lines
1.2 KiB
Diff
From b421096d5596f1c6ade078fa0b1103deefc3a5ed Mon Sep 17 00:00:00 2001
|
|
From: qssam <Sam.Webb@quiet-storm.net>
|
|
Date: Tue, 7 Feb 2017 16:49:10 +0000
|
|
Subject: [PATCH] Fix to window.opener vulnerability in external referral site
|
|
links
|
|
|
|
Reference: https://mathiasbynens.github.io/rel-noopener/
|
|
---
|
|
wwwroot/cgi-bin/awstats.pl | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl
|
|
index 75f0ed95..8bde5c03 100755
|
|
--- a/wwwroot/cgi-bin/awstats.pl
|
|
+++ b/wwwroot/cgi-bin/awstats.pl
|
|
@@ -8892,7 +8892,7 @@ sub HTMLShowURLInfo {
|
|
{ # URL seems to be extracted from a proxy log file
|
|
print "<a href=\""
|
|
. XMLEncode("$newkey")
|
|
- . "\" target=\"url\" rel=\"nofollow\">"
|
|
+ . "\" target=\"url\" rel=\"nofollow noopener noreferrer\">"
|
|
. XMLEncode($nompage) . "</a>";
|
|
}
|
|
elsif ( $newkey =~ /^\// )
|
|
@@ -8907,7 +8907,7 @@ sub HTMLShowURLInfo {
|
|
}
|
|
print "<a href=\""
|
|
. XMLEncode("$urlprot://$SiteDomain$newkey")
|
|
- . "\" target=\"url\" rel=\"nofollow\">"
|
|
+ . "\" target=\"url\" rel=\"nofollow noopener noreferrer\">"
|
|
. XMLEncode($nompage) . "</a>";
|
|
}
|
|
else {
|
|
--
|
|
2.15.1
|
|
|