diff options
| author | Markus Staab <markus.staab@redaxo.de> | 2017-10-19 12:16:04 +0200 |
|---|---|---|
| committer | Markus Staab <markus.staab@redaxo.de> | 2017-10-19 12:16:04 +0200 |
| commit | db34b59238846e5ec046a456b4f76649321571d1 (patch) | |
| tree | 3efe5a2c81888f6440c43ba6450998f6434ba7ea /apps/theming/lib | |
| parent | 8e25df9690a4d953721dcdc8e61038b332774a10 (diff) | |
| download | nextcloud-server-db34b59238846e5ec046a456b4f76649321571d1.tar.gz nextcloud-server-db34b59238846e5ec046a456b4f76649321571d1.zip | |
Prevent XSS in links which open a new browser window
Diffstat (limited to 'apps/theming/lib')
| -rw-r--r-- | apps/theming/lib/ThemingDefaults.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/theming/lib/ThemingDefaults.php b/apps/theming/lib/ThemingDefaults.php index 6ee546d2630..97e889a2140 100644 --- a/apps/theming/lib/ThemingDefaults.php +++ b/apps/theming/lib/ThemingDefaults.php @@ -134,7 +134,7 @@ class ThemingDefaults extends \OC_Defaults { public function getShortFooter() { $slogan = $this->getSlogan(); $footer = '<a href="'. $this->getBaseUrl() . '" target="_blank"' . - ' rel="noreferrer">' .$this->getEntity() . '</a>'. + ' rel="noreferrer noopener">' .$this->getEntity() . '</a>'. ($slogan !== '' ? ' – ' . $slogan : ''); return $footer; |