diff options
| author | diosmosis <diosmosis@users.noreply.github.com> | 2018-12-10 22:29:46 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-12-10 22:29:46 +0300 |
| commit | 43b61590e51980965c8c9731d79e0b1479e8feb6 (patch) | |
| tree | 4fa7af2b7fbf7dd635af1bab02be31f0653d2acc /plugins/Referrers | |
| parent | 4d61d27f1a5faa4470a6831fa077733e3b8a208d (diff) | |
Introduce whitelist test for link protocols. (#13798)
* Introduce whitelist test for link protocols.
* Two more url fixes.
* Add whole_url escape filter to do url trustworthiness check.
* Use whole_url in conjunction w/ html_attr, since twig will automatically apply html if not done.
* Use existing safelink filter.
* Regex tweak.
Diffstat (limited to 'plugins/Referrers')
| -rw-r--r-- | plugins/Referrers/templates/_visitorDetails.twig | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/plugins/Referrers/templates/_visitorDetails.twig b/plugins/Referrers/templates/_visitorDetails.twig index 39c43d816e..bbaeae83b1 100644 --- a/plugins/Referrers/templates/_visitorDetails.twig +++ b/plugins/Referrers/templates/_visitorDetails.twig @@ -1,7 +1,7 @@ <div class="visitorReferrer {{ visitInfo.getColumn('referrerType') }}"> {% if visitInfo.getColumn('referrerType') == 'website' %} <span>{{ 'Referrers_ColumnWebsite'|translate }}:</span> - <a href="{{ visitInfo.getColumn('referrerUrl') }}" rel="noreferrer noopener" target="_blank" class="visitorLogTooltip" title="{{ visitInfo.getColumn('referrerUrl') }}" + <a href="{{ visitInfo.getColumn('referrerUrl')|safelink|e('html_attr') }}" rel="noreferrer noopener" target="_blank" class="visitorLogTooltip" title="{{ visitInfo.getColumn('referrerUrl') }}" style="text-decoration:underline;"> {{ visitInfo.getColumn('referrerName') }} </a> @@ -15,7 +15,7 @@ {% if visitInfo.getColumn('referrerSearchEngineIcon') %} <img width="16" src="{{ visitInfo.getColumn('referrerSocialNetworkIcon') }}" alt="{{ visitInfo.getColumn('referrerName') }}"/> {% endif %} - <a href="{{ visitInfo.getColumn('referrerUrl') }}" rel="noreferrer" target="_blank" class="visitorLogTooltip" title="{{ visitInfo.getColumn('referrerUrl') }}" + <a href="{{ visitInfo.getColumn('referrerUrl')|safelink|e('html_attr') }}" rel="noreferrer" target="_blank" class="visitorLogTooltip" title="{{ visitInfo.getColumn('referrerUrl') }}" style="text-decoration:underline;"> {{ visitInfo.getColumn('referrerName') }} </a> @@ -29,7 +29,7 @@ {% endif %} <span>{{ visitInfo.getColumn('referrerName') }}</span> {%- if showKeyword %}<span>, {{ 'Referrers_Keywords'|translate }}:</span> - <a href="{{ visitInfo.getColumn('referrerUrl') }}" rel="noreferrer noopener" target="_blank" style="text-decoration:underline;"> + <a href="{{ visitInfo.getColumn('referrerUrl')|safelink|e('html_attr') }}" rel="noreferrer noopener" target="_blank" style="text-decoration:underline;"> "{{ visitInfo.getColumn('referrerKeyword') }}"</a> {% endif %} {% set keyword %}{{ visitInfo.getColumn('referrerKeyword') }}{% endset %} |