summaryrefslogtreecommitdiffstats
path: root/core/templates/layout.user.php
diff options
context:
space:
mode:
authorLukas Reschke <lukas@owncloud.com>2015-02-04 16:25:37 +0100
committerLukas Reschke <lukas@owncloud.com>2015-02-04 16:25:37 +0100
commitb432ea29c9d99a386077c738d6e29d4bc093c15f (patch)
treeef336d22df1930676962d55f57bcd12edc6c3c4e /core/templates/layout.user.php
parent486f49ed72970276462f09074829576588352b2a (diff)
downloadnextcloud-server-b432ea29c9d99a386077c738d6e29d4bc093c15f.tar.gz
nextcloud-server-b432ea29c9d99a386077c738d6e29d4bc093c15f.zip
Add `rel="noreferrer"` where possible and switch to HTTPS
Just to follow good practise and prevent some automated scanners to complain about "Cross-domain Referer leakage".
Diffstat (limited to 'core/templates/layout.user.php')
-rw-r--r--core/templates/layout.user.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/core/templates/layout.user.php b/core/templates/layout.user.php
index 4ffec917c9b..34fad7e6cd2 100644
--- a/core/templates/layout.user.php
+++ b/core/templates/layout.user.php
@@ -32,7 +32,7 @@
<?php print_unescaped($_['headers']); ?>
</head>
<body id="<?php p($_['bodyid']);?>">
- <noscript><div id="nojavascript"><div><?php print_unescaped($l->t('This application requires JavaScript for correct operation. Please <a href="http://enable-javascript.com/" target="_blank">enable JavaScript</a> and reload the page.')); ?></div></div></noscript>
+ <noscript><div id="nojavascript"><div><?php print_unescaped($l->t('This application requires JavaScript for correct operation. Please <a href="http://enable-javascript.com/" target="_blank" rel="noreferrer">enable JavaScript</a> and reload the page.')); ?></div></div></noscript>
<div id="notification-container">
<div id="notification"></div>
<?php if ($_['updateAvailable']): ?>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-04 02:18:08 +0000