diff --git a/src/HtmlUtils.js b/src/HtmlUtils.js index 236aa0157e..7dd68e5c61 100644 --- a/src/HtmlUtils.js +++ b/src/HtmlUtils.js @@ -160,7 +160,7 @@ const transformTags = { // custom to matrix delete attribs.target; } } - attribs.rel = 'noopener'; // https://mathiasbynens.github.io/rel-noopener/ + attribs.rel = 'noreferrer noopener'; // https://mathiasbynens.github.io/rel-noopener/ return { tagName, attribs }; }, 'img': function(tagName, attribs) { diff --git a/src/Markdown.js b/src/Markdown.js index 437ceec88b..fb1f8bf0ea 100644 --- a/src/Markdown.js +++ b/src/Markdown.js @@ -136,7 +136,7 @@ export default class Markdown { // thus opening in a new tab. if (externalLinks) { attrs.push(['target', '_blank']); - attrs.push(['rel', 'noopener']); + attrs.push(['rel', 'noreferrer noopener']); } this.tag('a', attrs); } else { diff --git a/src/components/structures/GroupView.js b/src/components/structures/GroupView.js index 5ae0699a2f..e98dcae1a4 100644 --- a/src/components/structures/GroupView.js +++ b/src/components/structures/GroupView.js @@ -821,10 +821,10 @@ export default createReactClass({ {_t( "Want more than a community? Get your own server", {}, { - a: sub => {sub}, + a: sub => {sub}, }, )} - + ; diff --git a/src/components/structures/MatrixChat.js b/src/components/structures/MatrixChat.js index de916ad7aa..339ea279ee 100644 --- a/src/components/structures/MatrixChat.js +++ b/src/components/structures/MatrixChat.js @@ -1375,7 +1375,8 @@ export default createReactClass({ cancelButton: _t('Dismiss'), onFinished: (confirmed) => { if (confirmed) { - window.open(consentUri, '_blank'); + const wnd = window.open(consentUri, '_blank'); + wnd.opener = null; } }, }, null, true); diff --git a/src/components/structures/auth/Login.js b/src/components/structures/auth/Login.js index c8b2a1ea9c..24e4726416 100644 --- a/src/components/structures/auth/Login.js +++ b/src/components/structures/auth/Login.js @@ -481,7 +481,7 @@ export default createReactClass({ "Either use HTTPS or enable unsafe scripts.", {}, { 'a': (sub) => { - return { sub } @@ -496,11 +496,10 @@ export default createReactClass({ "homeserver's SSL certificate is trusted, and that a browser extension " + "is not blocking requests.", {}, { - 'a': (sub) => { - return + 'a': (sub) => + { sub } - ; - }, + , }, ) } ; diff --git a/src/components/views/auth/AuthFooter.js b/src/components/views/auth/AuthFooter.js index 4076141606..1309800772 100644 --- a/src/components/views/auth/AuthFooter.js +++ b/src/components/views/auth/AuthFooter.js @@ -26,7 +26,7 @@ export default createReactClass({ render: function() { return (
- { _t("powered by Matrix") } + { _t("powered by Matrix") }
); }, diff --git a/src/components/views/auth/InteractiveAuthEntryComponents.js b/src/components/views/auth/InteractiveAuthEntryComponents.js index 6f6eb7e2a1..aaf8c88440 100644 --- a/src/components/views/auth/InteractiveAuthEntryComponents.js +++ b/src/components/views/auth/InteractiveAuthEntryComponents.js @@ -331,7 +331,7 @@ export const TermsAuthEntry = createReactClass({ checkboxes.push( , ); } @@ -604,6 +604,7 @@ export const FallbackAuthEntry = createReactClass({ this.props.authSessionId, ); this._popupWindow = window.open(url); + this._popupWindow.opener = null; }, _onReceiveMessage: function(event) { diff --git a/src/components/views/auth/ModularServerConfig.js b/src/components/views/auth/ModularServerConfig.js index 32418d3462..d8ce145e20 100644 --- a/src/components/views/auth/ModularServerConfig.js +++ b/src/components/views/auth/ModularServerConfig.js @@ -99,7 +99,7 @@ export default class ModularServerConfig extends ServerConfig { "Enter the location of your Modular homeserver. It may use your own " + "domain name or be a subdomain of modular.im.", {}, { - a: sub => + a: sub => {sub} , }, diff --git a/src/components/views/auth/ServerTypeSelector.js b/src/components/views/auth/ServerTypeSelector.js index 341f81c546..fe29b7f76c 100644 --- a/src/components/views/auth/ServerTypeSelector.js +++ b/src/components/views/auth/ServerTypeSelector.js @@ -46,7 +46,7 @@ export const TYPES = { label: () => _t('Premium'), logo: () => , description: () => _t('Premium hosting for organisations Learn more', {}, { - a: sub => + a: sub => {sub} , }), diff --git a/src/components/views/context_menus/MessageContextMenu.js b/src/components/views/context_menus/MessageContextMenu.js index ea5623fe48..be1c11ef97 100644 --- a/src/components/views/context_menus/MessageContextMenu.js +++ b/src/components/views/context_menus/MessageContextMenu.js @@ -420,7 +420,7 @@ export default createReactClass({ onClick={this.onPermalinkClick} href={permalink} target="_blank" - rel="noopener" + rel="noreferrer noopener" > { mxEvent.isRedacted() || mxEvent.getType() !== 'm.room.message' ? _t('Share Permalink') : _t('Share Message') } @@ -445,7 +445,7 @@ export default createReactClass({ element="a" className="mx_MessageContextMenu_field" target="_blank" - rel="noopener" + rel="noreferrer noopener" onClick={this.closeMenu} href={mxEvent.event.content.external_url} > diff --git a/src/components/views/context_menus/TopLeftMenu.js b/src/components/views/context_menus/TopLeftMenu.js index 51ec202b90..f1309cac2d 100644 --- a/src/components/views/context_menus/TopLeftMenu.js +++ b/src/components/views/context_menus/TopLeftMenu.js @@ -68,10 +68,11 @@ export default class TopLeftMenu extends React.Component { {_t( "Upgrade to your own domain", {}, { - a: sub => {sub}, + a: sub => + {sub}, }, )} - + ; diff --git a/src/components/views/dialogs/ChangelogDialog.js b/src/components/views/dialogs/ChangelogDialog.js index e58f56a639..ab284cdb2e 100644 --- a/src/components/views/dialogs/ChangelogDialog.js +++ b/src/components/views/dialogs/ChangelogDialog.js @@ -52,7 +52,7 @@ export default class ChangelogDialog extends React.Component { _elementsForCommit(commit) { return (
  • - + {commit.commit.message.split('\n')[0]}
    • diff --git a/src/components/views/dialogs/InviteDialog.js b/src/components/views/dialogs/InviteDialog.js index 587fb9e454..15e307fcd0 100644 --- a/src/components/views/dialogs/InviteDialog.js +++ b/src/components/views/dialogs/InviteDialog.js @@ -1046,7 +1046,7 @@ export default class InviteDialog extends React.PureComponent { "If you can't find someone, ask them for their username, share your " + "username (%(userId)s) or profile link.", {userId}, - {a: (sub) => {sub}}, + {a: (sub) => {sub}}, ); buttonText = _t("Go"); goButtonFn = this._startDm; @@ -1055,7 +1055,10 @@ export default class InviteDialog extends React.PureComponent { helpText = _t( "If you can't find someone, ask them for their username (e.g. @user:server.com) or " + "share this room.", {}, - {a: (sub) => {sub}}, + { + a: (sub) => + {sub}, + }, ); buttonText = _t("Invite"); goButtonFn = this._inviteUsers; diff --git a/src/components/views/dialogs/ShareDialog.js b/src/components/views/dialogs/ShareDialog.js index 842c7fc109..b42a88ceac 100644 --- a/src/components/views/dialogs/ShareDialog.js +++ b/src/components/views/dialogs/ShareDialog.js @@ -218,7 +218,7 @@ export default class ShareDialog extends React.Component {
    { - socials.map((social) => {serviceName} {summary} - {termDoc[termsLang].name} + {termDoc[termsLang].name} { name }; + name = { name }; } return name; } @@ -216,7 +216,7 @@ export default class ImageView extends React.Component { { this.getName() }
    { eventMeta } - +
    { _t('Download this file') }
    { sizeRes } diff --git a/src/components/views/messages/MFileBody.js b/src/components/views/messages/MFileBody.js index f67cd1b2b0..886afbb666 100644 --- a/src/components/views/messages/MFileBody.js +++ b/src/components/views/messages/MFileBody.js @@ -297,7 +297,7 @@ export default createReactClass({ } else if (contentUrl) { const downloadProps = { target: "_blank", - rel: "noopener", + rel: "noreferrer noopener", // We set the href regardless of whether or not we intercept the download // because we don't really want to convert the file to a blob eagerly, and diff --git a/src/components/views/messages/TextualBody.js b/src/components/views/messages/TextualBody.js index d74170919e..ac0fc65ff4 100644 --- a/src/components/views/messages/TextualBody.js +++ b/src/components/views/messages/TextualBody.js @@ -374,7 +374,9 @@ export default createReactClass({ const height = window.screen.height > 800 ? 800 : window.screen.height; const left = (window.screen.width - width) / 2; const top = (window.screen.height - height) / 2; - window.open(completeUrl, '_blank', `height=${height}, width=${width}, top=${top}, left=${left},`); + const features = `height=${height}, width=${width}, top=${top}, left=${left},`; + const wnd = window.open(completeUrl, '_blank', features); + wnd.opener = null; }, }); }); diff --git a/src/components/views/rooms/AuxPanel.js b/src/components/views/rooms/AuxPanel.js index 50b25cb96f..0b34739e0e 100644 --- a/src/components/views/rooms/AuxPanel.js +++ b/src/components/views/rooms/AuxPanel.js @@ -219,7 +219,7 @@ export default createReactClass({ if (link) { span = ( -     + { span } ); diff --git a/src/components/views/rooms/LinkPreviewWidget.js b/src/components/views/rooms/LinkPreviewWidget.js index c6374db464..4169a763b7 100644 --- a/src/components/views/rooms/LinkPreviewWidget.js +++ b/src/components/views/rooms/LinkPreviewWidget.js @@ -136,7 +136,7 @@ export default createReactClass({
    { img }
    -
    { p["og:title"] }
    +
    { p["og:title"] }
    { p["og:site_name"] ? (" - " + p["og:site_name"]) : null }
    { description } diff --git a/src/components/views/rooms/RoomPreviewBar.js b/src/components/views/rooms/RoomPreviewBar.js index 9af06190f7..4ff5dd5198 100644 --- a/src/components/views/rooms/RoomPreviewBar.js +++ b/src/components/views/rooms/RoomPreviewBar.js @@ -509,7 +509,7 @@ export default createReactClass({ "submit a bug report.", { errcode: this.props.error.errcode }, { issueLink: label => { label } }, + target="_blank" rel="noreferrer noopener">{ label } }, ), ]; break; diff --git a/src/components/views/settings/ChangePassword.js b/src/components/views/settings/ChangePassword.js index 3ba276d1fa..b51ff6cf9d 100644 --- a/src/components/views/settings/ChangePassword.js +++ b/src/components/views/settings/ChangePassword.js @@ -119,7 +119,7 @@ export default createReactClass({ 'In future this will be improved.', ) } {' '} - + https://github.com/vector-im/riot-web/issues/2671
    , diff --git a/src/components/views/settings/EventIndexPanel.js b/src/components/views/settings/EventIndexPanel.js index 80d93c4562..203a7ee46e 100644 --- a/src/components/views/settings/EventIndexPanel.js +++ b/src/components/views/settings/EventIndexPanel.js @@ -172,7 +172,7 @@ export default class EventIndexPanel extends React.Component { {}, { 'nativeLink': (sub) => {sub}, + rel="noreferrer noopener">{sub}, }, ) } @@ -188,7 +188,7 @@ export default class EventIndexPanel extends React.Component { {}, { 'riotLink': (sub) => {sub}, + target="_blank" rel="noreferrer noopener">{sub}, }, ) } diff --git a/src/components/views/settings/ProfileSettings.js b/src/components/views/settings/ProfileSettings.js index 8d2c289b15..72dfe7a983 100644 --- a/src/components/views/settings/ProfileSettings.js +++ b/src/components/views/settings/ProfileSettings.js @@ -132,10 +132,10 @@ export default class ProfileSettings extends React.Component { {_t( "Upgrade to your own domain", {}, { - a: sub => {sub}, + a: sub => {sub}, }, )} - + ; diff --git a/src/components/views/settings/tabs/room/BridgeSettingsTab.js b/src/components/views/settings/tabs/room/BridgeSettingsTab.js index d66732de55..a5d20eae33 100644 --- a/src/components/views/settings/tabs/room/BridgeSettingsTab.js +++ b/src/components/views/settings/tabs/room/BridgeSettingsTab.js @@ -68,7 +68,7 @@ export default class BridgeSettingsTab extends React.Component { { // TODO: We don't have this link yet: this will prevent the translators // having to re-translate the string when we do. - a: sub => {sub}, + a: sub => {sub}, }, )}

      @@ -82,7 +82,7 @@ export default class BridgeSettingsTab extends React.Component { { // TODO: We don't have this link yet: this will prevent the translators // having to re-translate the string when we do. - a: sub => {sub}, + a: sub => {sub}, }, )}

      ; } diff --git a/src/components/views/settings/tabs/room/SecurityRoomSettingsTab.js b/src/components/views/settings/tabs/room/SecurityRoomSettingsTab.js index 480d55c044..3ee92c31c8 100644 --- a/src/components/views/settings/tabs/room/SecurityRoomSettingsTab.js +++ b/src/components/views/settings/tabs/room/SecurityRoomSettingsTab.js @@ -97,7 +97,7 @@ export default class SecurityRoomSettingsTab extends React.Component { {}, { 'a': (sub) => { - return {sub}; }, }, diff --git a/src/components/views/settings/tabs/user/HelpUserSettingsTab.js b/src/components/views/settings/tabs/user/HelpUserSettingsTab.js index a245c7c7b9..258b55bb4e 100644 --- a/src/components/views/settings/tabs/user/HelpUserSettingsTab.js +++ b/src/components/views/settings/tabs/user/HelpUserSettingsTab.js @@ -37,7 +37,7 @@ const ghVersionLabel = function(repo, token='') { } else { url = `https://github.com/${repo}/commit/${token.split('-')[0]}`; } - return { token }; + return { token }; }; export default class HelpUserSettingsTab extends React.Component { @@ -110,7 +110,7 @@ export default class HelpUserSettingsTab extends React.Component { const legalLinks = []; for (const tocEntry of SdkConfig.get().terms_and_conditions_links) { legalLinks.push(
      - {tocEntry.text} + {tocEntry.text}
      ); } @@ -132,27 +132,27 @@ export default class HelpUserSettingsTab extends React.Component { {_t("Credits")} @@ -162,7 +162,8 @@ export default class HelpUserSettingsTab extends React.Component { render() { let faqText = _t('For help with using Riot, click here.', {}, { - 'a': (sub) => {sub}, + 'a': (sub) => + {sub}, }); if (SdkConfig.get().welcomeUserId && getCurrentLanguage().startsWith('en')) { faqText = ( @@ -170,7 +171,7 @@ export default class HelpUserSettingsTab extends React.Component { { _t('For help with using Riot, click here or start a chat with our ' + 'bot using the button below.', {}, { - 'a': (sub) => {sub}, }) } diff --git a/src/components/views/settings/tabs/user/LabsUserSettingsTab.js b/src/components/views/settings/tabs/user/LabsUserSettingsTab.js index 2b992c7add..3e69107159 100644 --- a/src/components/views/settings/tabs/user/LabsUserSettingsTab.js +++ b/src/components/views/settings/tabs/user/LabsUserSettingsTab.js @@ -55,7 +55,7 @@ export default class LabsUserSettingsTab extends React.Component { 'Learn more.', {}, { 'a': (sub) => { return {sub}; + rel='noreferrer noopener' target='_blank'>{sub}; }, }) } diff --git a/src/components/views/terms/InlineTermsAgreement.js b/src/components/views/terms/InlineTermsAgreement.js index 75e8eccea3..bccd686cd3 100644 --- a/src/components/views/terms/InlineTermsAgreement.js +++ b/src/components/views/terms/InlineTermsAgreement.js @@ -77,7 +77,7 @@ export default class InlineTermsAgreement extends React.Component { "Accept to continue:", {}, { policyLink: () => { return ( - + {policy.name} diff --git a/src/linkify-matrix.js b/src/linkify-matrix.js index 889bad682c..8870b2d431 100644 --- a/src/linkify-matrix.js +++ b/src/linkify-matrix.js @@ -227,7 +227,7 @@ matrixLinkify.options = { }, linkAttributes: { - rel: 'noopener', + rel: 'noreferrer noopener', }, target: function(href, type) { diff --git a/src/usercontent/index.js b/src/usercontent/index.js index b87ccb9dbb..08769d6bd1 100644 --- a/src/usercontent/index.js +++ b/src/usercontent/index.js @@ -15,8 +15,7 @@ function remoteRender(event) { const a = document.createElement("a"); a.id = "a"; - a.rel = "noopener"; - a.target = "_blank"; + a.rel = "noreferrer noopener"; a.download = data.download; a.style = data.style; a.style.fontFamily = "Arial, Helvetica, Sans-Serif"; diff --git a/src/utils/AutoDiscoveryUtils.js b/src/utils/AutoDiscoveryUtils.js index 49898aae90..328aa9c776 100644 --- a/src/utils/AutoDiscoveryUtils.js +++ b/src/utils/AutoDiscoveryUtils.js @@ -78,7 +78,7 @@ export default class AutoDiscoveryUtils { return {sub}; }, }, diff --git a/src/utils/ErrorUtils.js b/src/utils/ErrorUtils.js index 51b130bdb6..f0a4d7c49e 100644 --- a/src/utils/ErrorUtils.js +++ b/src/utils/ErrorUtils.js @@ -36,7 +36,7 @@ export function messageForResourceLimitError(limitType, adminContact, strings, e const linkSub = sub => { if (adminContact) { - return {sub}; + return {sub}; } else { return sub; } diff --git a/test/components/views/messages/TextualBody-test.js b/test/components/views/messages/TextualBody-test.js index 4e0785a8b9..4ad46586ae 100644 --- a/test/components/views/messages/TextualBody-test.js +++ b/test/components/views/messages/TextualBody-test.js @@ -121,7 +121,7 @@ describe("", () => { expect(wrapper.text()).toBe(ev.getContent().body); const content = wrapper.find(".mx_EventTile_body"); expect(content.html()).toBe('' + - 'Visit ' + + 'Visit ' + 'https://matrix.org/'); }); });