From 9e43b9070c1052787e96584eba842ff2317046a4 Mon Sep 17 00:00:00 2001
From: akwizgran <akwizgran@users.sourceforge.net>
Date: Mon, 13 Nov 2017 17:00:32 +0000
Subject: [PATCH] Disable window.opener object when using target="_blank".
See https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/ for details.
---
about.html | 8 ++++----
apk.html | 8 ++++----
building.html | 8 ++++----
copyright.html | 8 ++++----
download.html | 10 +++++-----
fdroid.html | 8 ++++----
get-involved.html | 8 ++++----
hiring.html | 8 ++++----
how-it-works.html | 8 ++++----
index.html | 12 ++++++------
privacy.html | 8 ++++----
11 files changed, 47 insertions(+), 47 deletions(-)
diff --git a/about.html b/about.html
index 41f5953..1ef6ada 100644
--- a/about.html
+++ b/about.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -79,9 +79,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/apk.html b/apk.html
index 01268cf..2418780 100644
--- a/apk.html
+++ b/apk.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -83,9 +83,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/building.html b/building.html
index 341d63c..94356e7 100644
--- a/building.html
+++ b/building.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -109,9 +109,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/copyright.html b/copyright.html
index d2ecdfd..1668dd6 100644
--- a/copyright.html
+++ b/copyright.html
@@ -16,9 +16,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -72,9 +72,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/download.html b/download.html
index 2d34036..501eb04 100644
--- a/download.html
+++ b/download.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -55,7 +55,7 @@
<p>Briar for Android is currently in <a href="news/2017-beta-released-security-audit.html">public beta</a> and is available for download from Google Play.</p>
<p>
- <a href="https://play.google.com/store/apps/details?id=org.briarproject.briar.beta" target="_blank"><img id="playbutton" src="img/google_play_badge_web_generic.png" alt="Get it on Google Play" border="0"/></a>
+ <a href="https://play.google.com/store/apps/details?id=org.briarproject.briar.beta" rel="noopener noreferrer" target="_blank"><img id="playbutton" src="img/google_play_badge_web_generic.png" alt="Get it on Google Play" border="0"/></a>
<a href="fdroid.html"><img id="fdroidbutton" src="img/fdroid_badge.png" alt="Get it on F-Droid" border="0"/></a>
</p>
@@ -78,9 +78,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/fdroid.html b/fdroid.html
index b2a7db4..f3829bf 100644
--- a/fdroid.html
+++ b/fdroid.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -79,9 +79,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/get-involved.html b/get-involved.html
index 56154e6..7ab2bda 100644
--- a/get-involved.html
+++ b/get-involved.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -69,9 +69,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/hiring.html b/hiring.html
index 70a7839..3973843 100644
--- a/hiring.html
+++ b/hiring.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -66,9 +66,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/how-it-works.html b/how-it-works.html
index 4bd3a51..f836e38 100644
--- a/how-it-works.html
+++ b/how-it-works.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -112,9 +112,9 @@ servers to block.</li>
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/index.html b/index.html
index 06a0f1c..97deb15 100644
--- a/index.html
+++ b/index.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -66,7 +66,7 @@
<li>Free and open source software</li>
</ul>
- <a href="https://play.google.com/store/apps/details?id=org.briarproject.briar.beta" target="_blank"><img id="playbutton" src="img/google_play_badge_web_generic.png" alt="Get it on Google Play" border="0"/></a>
+ <a href="https://play.google.com/store/apps/details?id=org.briarproject.briar.beta" rel="noopener noreferrer" target="_blank"><img id="playbutton" src="img/google_play_badge_web_generic.png" alt="Get it on Google Play" border="0"/></a>
<a href="fdroid.html"><img id="fdroidbutton" src="img/fdroid_badge.png" alt="Get it on F-Droid" border="0"/></a>
</div> <!-- intro -->
@@ -79,7 +79,7 @@
<div id="flattr">
<center>
- <a href="https://flattr.com/t/592836/" target="_blank"><img src="img/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0"/></a>
+ <a href="https://flattr.com/t/592836/" rel="noopener noreferrer" target="_blank"><img src="img/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0"/></a>
<br />
Bitcoin: 1NZCKkUCtJV2U2Y9hDb9uq8S7ksFCFGR6K
</center>
@@ -95,9 +95,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
diff --git a/privacy.html b/privacy.html
index 5500ab3..1adff3f 100644
--- a/privacy.html
+++ b/privacy.html
@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
- <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
+ <form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
@@ -84,9 +84,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
- <a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
+ <a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
- <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
+ <form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
--
GitLab