wikijs-fork/server/modules/rendering/html-core/definition.yml
daneallen 4aa7828a92
fix: add rel option to external links in content (#1853)
* #1853: XSS attack fix by adding rel noferrer or rel noopen to _blank target external links

* fix: relAttributeExternalLink noopener

Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-07 16:45:11 -04:00

30 lines
836 B
YAML

key: htmlCore
title: Core
description: Basic HTML Parser
author: requarks.io
input: html
output: html
icon: mdi-language-html5
props:
absoluteLinks:
type: Boolean
default: false
title: Treat relative links as root absolute
hint: For example, a link to foo/bar on page xyz will render as /foo/bar instead of /xyz/foo/bar.
order: 1
openExternalLinkNewTab:
type: Boolean
default: false
title: Open external links in a new tab
hint: External links will have a _blank target attribute added automatically.
order: 2
relAttributeExternalLink:
type: String
default: noreferrer
title: Protect against XSS when opening _blank target links
hint: External links with _blank attribute will have an additional rel attribute.
order: 3
enum:
- noreferrer
- noopener