wikijs-fork/server
daneallen 4aa7828a92
fix: add rel option to external links in content (#1853)
* #1853: XSS attack fix by adding rel noferrer or rel noopen to _blank target external links

* fix: relAttributeExternalLink noopener

Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-07 16:45:11 -04:00
..
app feat: handle event propagation via DB (HA) 2020-04-19 22:47:02 -04:00
controllers fix: brute-knex refactor 2020-04-21 23:16:13 -04:00
core fix: db inline CA cert reconstruct 2020-04-20 22:00:59 -04:00
db feat: timezone + dateFOrmat + appearance profile settings 2020-05-03 00:38:02 -04:00
graph feat: timezone + dateFOrmat + appearance profile settings 2020-05-03 00:38:02 -04:00
helpers fix: brute-knex refactor 2020-04-21 23:16:13 -04:00
jobs feat: browse nav + pageTree ancestors 2020-04-18 18:33:22 -04:00
locales feat: load dev locale files 2019-02-09 12:34:27 -05:00
middlewares feat: mandatory password change on login + UI fixes 2019-08-24 22:19:54 -04:00
models feat: timezone + dateFOrmat + appearance profile settings 2020-05-03 00:38:02 -04:00
modules fix: add rel option to external links in content (#1853) 2020-05-07 16:45:11 -04:00
templates feat: admin mail - send test email 2019-06-08 00:07:30 -04:00
test/helpers fix: Switch converted to Object Literal (#940) 2019-08-04 16:31:13 -04:00
themes/default feat: admin edit user (wip) 2019-08-11 23:26:29 -04:00
views feat: content tabs 2020-04-26 21:04:08 -04:00
index.js feat: HA event handling + emitting 2020-04-19 22:47:02 -04:00
master.js feat: content license notice option 2020-02-23 15:20:55 -05:00
setup.js fix: browse tree ancestors not converted in mariadb 2020-04-24 00:07:27 -04:00