summaryrefslogtreecommitdiffstats
path: root/core/templates/layout.base.php
diff options
context:
space:
mode:
authorLukas Reschke <lukas@owncloud.com>2015-02-04 16:25:37 +0100
committerLukas Reschke <lukas@owncloud.com>2015-02-04 16:25:37 +0100
commitb432ea29c9d99a386077c738d6e29d4bc093c15f (patch)
treeef336d22df1930676962d55f57bcd12edc6c3c4e /core/templates/layout.base.php
parent486f49ed72970276462f09074829576588352b2a (diff)
downloadnextcloud-server-b432ea29c9d99a386077c738d6e29d4bc093c15f.tar.gz
nextcloud-server-b432ea29c9d99a386077c738d6e29d4bc093c15f.zip
Add `rel="noreferrer"` where possible and switch to HTTPS
Just to follow good practise and prevent some automated scanners to complain about "Cross-domain Referer leakage".
Diffstat (limited to 'core/templates/layout.base.php')
-rw-r--r--core/templates/layout.base.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/core/templates/layout.base.php b/core/templates/layout.base.php
index 96229fd370a..768a965599b 100644
--- a/core/templates/layout.base.php
+++ b/core/templates/layout.base.php
@@ -24,7 +24,7 @@
<?php print_unescaped($_['headers']); ?>
</head>
<body id="body-public">
- <noscript><div id="nojavascript"><div><?php print_unescaped($l->t('This application requires JavaScript for correct operation. Please <a href="http://enable-javascript.com/" target="_blank">enable JavaScript</a> and reload the page.')); ?></div></div></noscript>
+ <noscript><div id="nojavascript"><div><?php print_unescaped($l->t('This application requires JavaScript for correct operation. Please <a href="http://enable-javascript.com/" target="_blank" rel="noreferrer">enable JavaScript</a> and reload the page.')); ?></div></div></noscript>
<?php print_unescaped($_['content']); ?>
</body>
</html>