Changed the default title logic from onAfterWrite to onBeforeWrite to remove double writing
Fixed instanceof ContentController referencing a class that isn't imported
Added canView/canEdit/canDelete/canCreate so non-ADMIN permission users can see/edit links. My thinking behind this is that Links will be tied to other objects that should control the permissions more restrictively as necessary, and all editors of those objects need to be able to see/edit links.
Replaced the getRenderTemplates method with a call to DataObject->getViewerTemplates, which has the same behaviour
Added rel='noopener' into TargetAttr for security - not having rel=noopener with target=_blank is a big security risk which users may not necessarily be aware of. While overriding the rel attribute like this is not ideal, it is preferable to be secure by default. See https://mathiasbynens.github.io/rel-noopener/ for more details.
If this is accepted, could you please tag a release as we would like to use this functionality in our project.
hchokshi
commented
6 years ago
DataObjectfieldsonAfterWritetoonBeforeWriteto remove double writinginstanceof ContentControllerreferencing a class that isn't importedcanView/canEdit/canDelete/canCreateso non-ADMINpermission users can see/edit links. My thinking behind this is that Links will be tied to other objects that should control the permissions more restrictively as necessary, and all editors of those objects need to be able to see/edit links.getRenderTemplatesmethod with a call toDataObject->getViewerTemplates, which has the same behaviourrel='noopener'intoTargetAttrfor security - not havingrel=noopenerwithtarget=_blankis a big security risk which users may not necessarily be aware of. While overriding the rel attribute like this is not ideal, it is preferable to be secure by default. Seehttps://mathiasbynens.github.io/rel-noopener/for more details.If this is accepted, could you please tag a release as we would like to use this functionality in our project.