revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-27 17:22:42 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/calendar
History
epriestley 05a4c55c52 Explicitly add rel="noreferrer" to all external links 
Summary: See D19117. Instead of automatically figuring this out inside `phutil_tag()`, explicitly add rel="noreferrer" at the application level to all external links.

Test Plan:
  - Grepped for `_blank`, `isValidRemoteURIForLink`, checked all callsites for user-controlled data.
  - Created a link menu item, verified noreferrer in markup.
  - Created a link custom field, verified no referrer in markup.
  - Verified noreferrer for `{nav href=...}`.

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Differential Revision: https://secure.phabricator.com/D19118
2018-02-17 17:46:11 -08:00
..
__tests__ Fix errors found by PHPStan 2017-02-17 10:10:15 +00:00
application Allow users to mark themselves as "Available", "Busy" or "Away" while attending an event 2016-11-04 16:55:44 -07:00
capability Provide default view and edit policies in Calendar, plus "Event Host" and "Event Invitees" 2016-07-13 15:42:12 -07:00
codex Require several advanced postgraduate degrees to understand object policies 2016-11-09 15:05:38 -08:00
command Convert Calendar to Modular Transactions 2016-07-13 07:46:33 -07:00
conduit Add calendar.event.search and calendar.event.edit 2016-07-13 10:17:46 -07:00
controller Clean up some colors missing from PHUITagView type shade 2017-05-22 10:52:10 -07:00
editor Use object PHIDs for "Thread-Topic" headers in mail 2018-02-08 06:21:00 -08:00
herald Define available Herald rule repetition options in terms of "isSingleEventAdapter()" 2018-01-26 11:02:35 -08:00
icon Fix spelling 2017-10-09 10:48:04 -07:00
import Explicitly add rel="noreferrer" to all external links 2018-02-17 17:46:11 -08:00
importlog Queue large ICS files for background import 2016-11-06 07:46:21 -08:00
mail phtize all the things 2015-05-22 21:16:39 +10:00
management Provide a standalone bin/calendar reload ... workflow for testing/debugging 2016-11-07 10:55:18 -08:00
notifications Don't notify without notifiable attendees 2017-12-21 12:46:46 -08:00
phid Remove "isCancelledEvent()" wrapper on Calendar Events 2016-10-31 15:30:21 -07:00
policyrule Improve Calendar event behavior for group invites 2016-11-15 11:16:55 -08:00
query Fix an issue where recurring ghost events could go missing if queried with a limit 2017-04-10 08:48:21 -07:00
remarkup Calendar event monograms, part 3. Remarkup for calendar event monograms. 2015-04-27 14:27:34 -07:00
search Support Ferret engine in Calendar 2017-09-07 13:25:12 -07:00
storage Support Ferret engine in Calendar 2017-09-07 13:25:12 -07:00
typeahead Make Calendar query for indirect invites/RSVPs by default, like Differential 2016-11-15 12:47:01 -08:00
util Fix spelling 2017-10-09 10:48:04 -07:00
view Search and Replace calls to setShade 2017-05-22 18:59:53 +00:00
worker Queue large ICS files for background import 2016-11-06 07:46:21 -08:00
xaction Fix spelling 2017-10-09 10:48:04 -07:00