summaryrefslogtreecommitdiffstats
path: root/extensions/InlineHistory/template
diff options
context:
space:
mode:
authorFrédéric Buclin <LpSolit@gmail.com>2015-01-05 05:40:22 +0100
committerByron Jones <glob@mozilla.com>2015-01-05 05:40:22 +0100
commitb78ed6c10802fa83bc6eb70729a562866ad8f4c7 (patch)
treeb7b7efdc88b5f328d51f9cc85f05476ec0784db9 /extensions/InlineHistory/template
parent66a9fc93e06ac364194a86c7269b662e1e227c60 (diff)
downloadbugzilla-b78ed6c10802fa83bc6eb70729a562866ad8f4c7.tar.gz
bugzilla-b78ed6c10802fa83bc6eb70729a562866ad8f4c7.tar.xz
Bug 1113630: Set window.opener to null for the URL field to prevent interaction between a remote script and the bug report
Diffstat (limited to 'extensions/InlineHistory/template')
-rw-r--r--extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl2
1 files changed, 1 insertions, 1 deletions
diff --git a/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl b/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl
index d75c69f78..d9871e43f 100644
--- a/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl
+++ b/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl
@@ -137,7 +137,7 @@
[% ELSIF change.buglist %]
[% value FILTER bug_list_link FILTER js %]
[% ELSIF change.fieldname == 'bug_file_loc' %]
- [%~%]<a href="[% value FILTER html FILTER js %]" target="_blank"
+ [%~%]<a href="[% value FILTER html FILTER js %]" target="_blank" rel="noreferrer"
[%~ ' onclick="return inline_history.confirmUnsafeUrl(this.href)"'
UNLESS is_safe_url(value) %]>
[%~%][% value FILTER ih_short_value FILTER html FILTER js %]</a>