Skip to content

fix(ui): Added rel="noopener noreferrer" to link (#13820) #14268

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 30, 2023
Merged

fix(ui): Added rel="noopener noreferrer" to link (#13820) #14268

merged 2 commits into from
Jun 30, 2023
+1 −1

Conversation

aakankshabhende
Copy link
Contributor

Fixes #13820

Added rel="noopener noreferrer" attribute to link for security.

Note on DCO:

If the DCO action in the integration test fails, one or more of your commits are not signed off. Please click on the Details link next to the DCO action for instructions on how to resolve this.

Checklist:

  • Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
  • The title of the PR states what changed and the related issues number (used for the release note).
  • The title of the PR conforms to the Toolchain Guide
  • I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
  • I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
  • Does this PR require documentation updates?
  • I've updated documentation as required by this PR.
  • Optional. My organization is added to USERS.md.
  • I have signed off all my commits as required by DCO
  • I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
  • My build is green (troubleshooting builds).
  • My new feature complies with the feature status guidelines.
  • I have added a brief description of why this PR is necessary and/or what this PR solves.

Please see Contribution FAQs if you have questions about your pull-request.

Sorry, something went wrong.

@aakankshabhende
Added rel attribute to link
8be3b87 
Signed-off-by: aakankshabhende <aakanksha0407@gmail.com>
@aakankshabhende aakankshabhende changed the title #13820: Added rel="noopener noreferrer" to link fix : Added rel="noopener noreferrer" to link Jun 29, 2023
@aakankshabhende aakankshabhende changed the title fix : Added rel="noopener noreferrer" to link fix: Added rel="noopener noreferrer" to link Jun 29, 2023
@aakankshabhende
Fixed lint error
ddab7d6 
Signed-off-by: aakankshabhende <aakanksha0407@gmail.com>
@codecov
Copy link

codecov bot commented Jun 29, 2023

Codecov Report

Patch and project coverage have no change.

Comparison is base (e48c9e1) 49.76% compared to head (ddab7d6) 49.77%.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master   #14268   +/-   ##
=======================================
  Coverage   49.76%   49.77%           
=======================================
  Files         261      261           
  Lines       44667    44667           
=======================================
+ Hits        22230    22233    +3     
+ Misses      20251    20249    -2     
+ Partials     2186     2185    -1

see 1 file with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@crenshaw-dev crenshaw-dev changed the title fix: Added rel="noopener noreferrer" to link fix(ui): Added rel="noopener noreferrer" to link Jun 30, 2023
crenshaw-dev
crenshaw-dev approved these changes Jun 30, 2023
View reviewed changes
Copy link
Member

@crenshaw-dev crenshaw-dev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to note: I don't think this actually resolves a security issue. fullscreenURL will be on the same domain as Argo CD. But it is nice to quiet down false positives from scanners.

Thanks for the PR, @aakankshabhende!

@crenshaw-dev crenshaw-dev changed the title fix(ui): Added rel="noopener noreferrer" to link fix(ui): Added rel="noopener noreferrer" to link (#13820) Jun 30, 2023
@crenshaw-dev crenshaw-dev merged commit a855305 into argoproj:master Jun 30, 2023
yyzxw pushed a commit to yyzxw/argo-cd that referenced this pull request Aug 9, 2023
@aakankshabhende
fix(ui): Added rel="noopener noreferrer" to link (argoproj#13820) (ar…
20b8b8e 
…goproj#14268)

* Added rel attribute to link

Signed-off-by: aakankshabhende <aakanksha0407@gmail.com>

* Fixed lint error

Signed-off-by: aakankshabhende <aakanksha0407@gmail.com>

---------

Signed-off-by: aakankshabhende <aakanksha0407@gmail.com>
@suzaku suzaku mentioned this pull request Aug 15, 2023
Closed
tesla59 pushed a commit to tesla59/argo-cd that referenced this pull request Dec 16, 2023
@aakankshabhende @tesla59
fix(ui): Added rel="noopener noreferrer" to link (argoproj#13820) (ar…
fb95541 
…goproj#14268)

* Added rel attribute to link

Signed-off-by: aakankshabhende <aakanksha0407@gmail.com>

* Fixed lint error

Signed-off-by: aakankshabhende <aakanksha0407@gmail.com>

---------

Signed-off-by: aakankshabhende <aakanksha0407@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crenshaw-dev crenshaw-dev

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Unsafe_Use_Of_Target_blank
2 participants
@aakankshabhende @crenshaw-dev