mysociety / alaveteli

Provide a Freedom of Information request system for your jurisdiction
https://alaveteli.org

Add more spam-prevention to User#get_about_me_for_html_display #6808

Open garethrees opened 2 years ago

garethrees commented 2 years ago

https://developers.google.com/search/docs/advanced/guidelines/qualify-outbound-links

"rel=nofollow" is the only somewhat standard one. I have never heard of "rel=ugc" and I wonder if google made it up, does that work on bing and yandex? I mostly use "rel=nofollow noopener noreferrer" which should cover most "use-cases" of spammers.

https://news.ycombinator.com/item?id=30404079

Currently we only add rel=nofollow, but we could also add noopener, noreferrer and ugc.

This would require a change to the commonlib-provided make_clickable.

garethrees commented 2 years ago

Or we could be really dirty and do it in Alaveteli 🙈 🙈

text = 
  MySociety::Format.make_clickable(text, { :contract => 1, :nofollow => true }).
  gsub(/nofollow/, "nofollow noopener noreferrer ugc")
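
An added example, not part of the issue thread and not Alaveteli or commonlib code: it contrasts the whole-string substitution above with one scoped to the `rel` attribute of each opening `<a>` tag, so the word "nofollow" in a URL or in the user's own text is left alone. The function names and the sample HTML are constructed for illustration, and it assumes the linkifier emits quoted attribute values with no `>` inside them.

```ruby
# Tokens to enforce on every link in user-generated content.
REL_TOKENS = %w[nofollow noopener noreferrer ugc].freeze

# The blanket substitution from the comment above, kept for comparison.
# It rewrites every occurrence of "nofollow", including hrefs and link text.
def widen_rel_blanket(html)
  html.gsub(/nofollow/, "nofollow noopener noreferrer ugc")
end

# Rewrite only the rel attribute inside opening <a> tags.
# Existing tokens are kept, missing ones appended, duplicates dropped,
# so running it twice gives the same result as running it once.
def widen_rel_scoped(html)
  rel_attr = /\brel=(['"])(.*?)\1/i
  html.gsub(/<a\b[^>]*>/i) do |tag|
    if tag.match?(rel_attr)
      tag.sub(rel_attr) do
        quote = Regexp.last_match(1)
        tokens = (Regexp.last_match(2).split + REL_TOKENS).uniq
        "rel=#{quote}#{tokens.join(' ')}#{quote}"
      end
    else
      # No rel attribute at all: add one before the closing bracket.
      tag.sub(/>\z/, %( rel="#{REL_TOKENS.join(' ')}">))
    end
  end
end

# Constructed sample: linkified "about me" text where the URL and the
# surrounding prose both contain the word "nofollow".
SAMPLE = "See <a href='https://example.com/nofollow-guide' rel='nofollow'>" \
         "https://example.com/nofollow-guide</a> about nofollow"

if __FILE__ == $PROGRAM_NAME
  puts "blanket: #{widen_rel_blanket(SAMPLE)}"
  puts "scoped:  #{widen_rel_scoped(SAMPLE)}"
end
```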