OWASP / www--site-theme

Contains owasp site theme specific items (headers, footers, json, menus)

add noopener/noreferrer to cross-domain links #55

Closed lpmi-13 closed 4 years ago

lpmi-13 commented 4 years ago

as an aside, "noreferrer" is usually advocated for older browsers (ie, IE 11) that don't support "noopener", so if we don't care about older browsers, I can easily remove the "noreferrer" from this PR.


lpmi-13 commented 4 years ago

conflicts resolved.

hblankenship commented 4 years ago

I don't think we need noreferrer and noopener for our own event sites? Those are the global appsecs and the virtual appsec days. In fact, we want to know that a person got to our event from our own homepage.

Also, under _includes/evnt-footer.html, the links already have a rel='sponsored' so the tags for noreferrer and noopener should be added to that.

lpmi-13 commented 4 years ago

sure, that makes sense. So to confirm, in _includes/banner.html and _includes/owasp-global-events.html, I'll remove noreferrer from the commit?

And I had a question about the rel='sponsored' links...it looks like there aren't any additional noopener attributes being added to those, but it could be that I'm looking in the wrong place.

Is https://www.netsparker.com one of the sponsored links you were referring to?

hblankenship commented 4 years ago

Yes. What I meant was that the rel='sponsored' item was there but the commit had another rel='noreferrer noopener'. It should probably combine those (as you did for others) to rel='sponsored noreferrer noopener'. Thanks for your help!
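The duplicate-attribute problem described in the comment above, as an added example that is not part of the thread or of the OWASP repository: when a tag carries two `rel` attributes, an HTML parser keeps only the first, so `rel='sponsored'` followed by `rel='noreferrer noopener'` leaves the link without either protection. The audit below flags that case and cross-domain links missing the tokens. `SITE_HOST`, the placeholder `EVENT_HOSTS`, the issue codes and the sample markup are assumptions made for illustration, and the event-site exemption is one reading of the policy discussed here.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

SITE_HOST = "owasp.org"                # assumption: the site's own host
EVENT_HOSTS = {"events.example.org"}   # placeholder for first-party event sites
REQUIRED = {"noopener", "noreferrer"}

class RelAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []             # (href, issue) tuples, in document order

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        href = next((v for k, v in attrs if k == "href" and v), "")
        host = (urlsplit(href).hostname or "").lower()
        if not host or host == SITE_HOST or host.endswith("." + SITE_HOST):
            return                     # relative or same-site link
        rels = [v or "" for k, v in attrs if k == "rel"]
        if len(rels) > 1:
            self.findings.append((href, "duplicate-rel"))
        # Only the first of several duplicated attributes takes effect,
        # so tokens placed in a second rel are never applied.
        tokens = set(rels[0].lower().split()) if rels else set()
        if host in EVENT_HOSTS:
            if "noreferrer" in tokens: # the thread wants the referrer sent here
                self.findings.append((href, "referrer-hidden"))
            return
        missing = sorted(REQUIRED - tokens)
        if missing:
            self.findings.append((href, "missing:" + ",".join(missing)))

def audit(html):
    parser = RelAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample markup, not taken from the repository.
SAMPLE = """
<a href="/about/">About</a>
<a href="https://sponsor.example.com" rel='sponsored' rel='noreferrer noopener'>S</a>
<a href="https://sponsor.example.com" rel='sponsored noreferrer noopener'>S</a>
<a href="https://events.example.org/global" rel="noreferrer noopener">Event</a>
<a href="https://other.example.net">Other</a>
"""

if __name__ == "__main__":
    for href, issue in audit(SAMPLE):
        print(issue, href)
```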

kingthorin commented 4 years ago

Thanks @hblankenship good catch!

lpmi-13 commented 4 years ago

ha...totally missed that (it's been a long couple of weeks...I'm sure everyone can relate). Yes, absolutely, have committed the suggestions added by @kingthorin (cool feature, that!), and will fix the other links now.

lpmi-13 commented 4 years ago

I've been following the OWASP project for a few years now, and have always been wanting to get involved. Never been able to, so jumped at the chance to make a few simple contributions to the new site (looks great, btw!).

Please lemme know if there's anything else that should be updated.