Paths

Table of Contentst

Differential D19118

Explicitly add rel="noreferrer" to all external links
ClosedPublic
Actions

Authored by epriestley on Feb 18 2018, 1:43 AM.

Tags

None

Referenced Files

	F18099712: D19118.id45810.diff
	Sat, Aug 9, 8:02 AM

	F18077295: D19118.id.diff
	Mon, Aug 4, 7:00 PM

	F18051928: D19118.id.diff
	Mon, Aug 4, 12:44 AM

	F18049163: D19118.diff
	Sun, Aug 3, 3:38 PM

	F17987757: D19118.diff
	Fri, Aug 1, 10:35 PM

	F17711934: D19118.diff
	Thu, Jul 17, 9:19 AM

	Unknown Object (File)
	May 7 2025, 4:55 PM

	Unknown Object (File)
	Apr 29 2025, 3:33 AM

Subscribers

Restricted Owners Package

Details

Reviewers: None
Commits: rP05a4c55c52be: Explicitly add rel="noreferrer" to all external links

Summary

See D19117. Instead of automatically figuring this out inside phutil_tag(), explicitly add rel="noreferrer" at the application level to all external links.

Test Plan

Grepped for _blank, isValidRemoteURIForLink, checked all callsites for user-controlled data.
Created a link menu item, verified noreferrer in markup.
Created a link custom field, verified no referrer in markup.
Verified noreferrer for {nav href=...}.

Diff Detail

Repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

epriestley created this revision.Feb 18 2018, 1:43 AM

Owners added a subscriber: Restricted Owners Package.Feb 18 2018, 1:43 AM

Harbormaster completed remote builds in B19618: Diff 45810.Feb 18 2018, 1:44 AM

This revision was not accepted when it landed; it landed in state Needs Review.Feb 18 2018, 1:44 AM

epriestley requested review of this revision.

Closed by commit rP05a4c55c52be: Explicitly add rel="noreferrer" to all external links (authored by epriestley). · Explain Why

This revision was automatically updated to reflect the committed changes.

epriestley added inline comments.Feb 18 2018, 2:04 AM

src/applications/files/markup/PhabricatorImageRemarkupRule.php
23	This was rendering `<img href="..." />` which has no effect since `href` doesn't go on `img`.

Revision Contents
Changeset List

Path

Size

src/

applications/

auth/

view/

PhabricatorAuthAccountView.php

1 line

calendar/

import/

PhabricatorCalendarICSURIImportEngine.php

1 line

files/

markup/

PhabricatorImageRemarkupRule.php

8 lines

harbormaster/

artifact/

HarbormasterURIArtifact.php

1 line

nuance/

item/

NuanceGitHubEventItemType.php

2 lines

phurl/

remarkup/

PhabricatorPhurlLinkRemarkupRule.php

1 line

search/

menuitem/

PhabricatorLinkProfileMenuItem.php

3 lines

infrastructure/

customfield/

standard/

PhabricatorStandardCustomFieldLink.php

6 lines

view/

layout/

PhabricatorActionView.php

3 lines

phui/

PHUIListItemView.php

13 lines

PHUITagView.php

25 lines

Diff 45812

src/applications/auth/view/PhabricatorAuthAccountView.php

Loading...

src/applications/calendar/import/PhabricatorCalendarICSURIImportEngine.php

Loading...

src/applications/files/markup/PhabricatorImageRemarkupRule.php

Loading...

src/applications/harbormaster/artifact/HarbormasterURIArtifact.php

Loading...

src/applications/nuance/item/NuanceGitHubEventItemType.php

Loading...

src/applications/phurl/remarkup/PhabricatorPhurlLinkRemarkupRule.php

Loading...

src/applications/search/menuitem/PhabricatorLinkProfileMenuItem.php

Loading...

src/infrastructure/customfield/standard/PhabricatorStandardCustomFieldLink.php

Loading...

src/view/layout/PhabricatorActionView.php

Loading...

src/view/phui/PHUIListItemView.php

Loading...

src/view/phui/PHUITagView.php

Loading...