search

near / docs

NEAR Protocol Documentation
https://docs.near.org
Apache License 2.0
143 stars 349 forks source link

added blank to externar links and prevents reverse tabnabbing attack #2100

Closed matiasbenary closed 1 week ago

matiasbenary commented 2 weeks ago

This change prevents reverse tabnabbing. https://owasp.org/www-community/attacks/Reverse_Tabnabbing In vscode look for this (<a[^>]+href=["']https?:\/\/[^"']+["'])([^>]*>) and replace it with this $1 target="_blank" rel="noopener noreferrer"$2 also check by hand

gagdiez commented 1 week ago

bit of an overkill, but sure, why not