diff options
author | Lukas Reschke <lukas@owncloud.com> | 2015-02-04 16:25:37 +0100 |
---|---|---|
committer | Lukas Reschke <lukas@owncloud.com> | 2015-02-04 16:25:37 +0100 |
commit | b432ea29c9d99a386077c738d6e29d4bc093c15f (patch) | |
tree | ef336d22df1930676962d55f57bcd12edc6c3c4e /core/templates/layout.base.php | |
parent | 486f49ed72970276462f09074829576588352b2a (diff) | |
download | nextcloud-server-b432ea29c9d99a386077c738d6e29d4bc093c15f.tar.gz nextcloud-server-b432ea29c9d99a386077c738d6e29d4bc093c15f.zip |
Add `rel="noreferrer"` where possible and switch to HTTPS
Just to follow good practise and prevent some automated scanners to complain about "Cross-domain Referer leakage".
Diffstat (limited to 'core/templates/layout.base.php')
-rw-r--r-- | core/templates/layout.base.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/core/templates/layout.base.php b/core/templates/layout.base.php index 96229fd370a..768a965599b 100644 --- a/core/templates/layout.base.php +++ b/core/templates/layout.base.php @@ -24,7 +24,7 @@ <?php print_unescaped($_['headers']); ?> </head> <body id="body-public"> - <noscript><div id="nojavascript"><div><?php print_unescaped($l->t('This application requires JavaScript for correct operation. Please <a href="http://enable-javascript.com/" target="_blank">enable JavaScript</a> and reload the page.')); ?></div></div></noscript> + <noscript><div id="nojavascript"><div><?php print_unescaped($l->t('This application requires JavaScript for correct operation. Please <a href="http://enable-javascript.com/" target="_blank" rel="noreferrer">enable JavaScript</a> and reload the page.')); ?></div></div></noscript> <?php print_unescaped($_['content']); ?> </body> </html> |