diff options
| author | Frédéric Buclin <LpSolit@gmail.com> | 2015-01-05 12:50:21 +0100 |
|---|---|---|
| committer | Frédéric Buclin <LpSolit@gmail.com> | 2015-01-05 12:50:21 +0100 |
| commit | 26db658179ff62a735c6b45767008603914c63ed (patch) | |
| tree | b0d19536e44054695c2f3f63f403b4d795a199e5 /template/en/default/bug/show-multiple.html.tmpl | |
| parent | fc6271c7fa4e915319462f9d27a52061ed609739 (diff) | |
| download | bugzilla-26db658179ff62a735c6b45767008603914c63ed.tar.gz bugzilla-26db658179ff62a735c6b45767008603914c63ed.tar.xz | |
Bug 1113630: Set window.opener to null for the URL field to prevent interaction between a remote script and the bug report
r=gerv a=glob
Diffstat (limited to 'template/en/default/bug/show-multiple.html.tmpl')
| -rw-r--r-- | template/en/default/bug/show-multiple.html.tmpl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/template/en/default/bug/show-multiple.html.tmpl b/template/en/default/bug/show-multiple.html.tmpl index d3065abda..99dd53215 100644 --- a/template/en/default/bug/show-multiple.html.tmpl +++ b/template/en/default/bug/show-multiple.html.tmpl @@ -148,7 +148,7 @@ <th>[% field_descs.bug_file_loc FILTER html %]:</th> <td colspan="3"> [% IF is_safe_url(bug.bug_file_loc) %] - <a href="[% bug.bug_file_loc FILTER html %]"> + <a href="[% bug.bug_file_loc FILTER html %]" rel="noreferrer"> [% bug.bug_file_loc FILTER html %]</a> [% ELSE %] [% bug.bug_file_loc FILTER html %] |