Commit 9e43b907 authored by akwizgran's avatar akwizgran

Disable window.opener object when using target="_blank".

See https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/ for details.
parent e1da648e
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -79,9 +79,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -83,9 +83,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -109,9 +109,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -16,9 +16,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -72,9 +72,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -55,7 +55,7 @@
<p>Briar for Android is currently in <a href="news/2017-beta-released-security-audit.html">public beta</a> and is available for download from Google Play.</p>
<p>
<a href="https://play.google.com/store/apps/details?id=org.briarproject.briar.beta" target="_blank"><img id="playbutton" src="img/google_play_badge_web_generic.png" alt="Get it on Google Play" border="0"/></a>
<a href="https://play.google.com/store/apps/details?id=org.briarproject.briar.beta" rel="noopener noreferrer" target="_blank"><img id="playbutton" src="img/google_play_badge_web_generic.png" alt="Get it on Google Play" border="0"/></a>
<a href="fdroid.html"><img id="fdroidbutton" src="img/fdroid_badge.png" alt="Get it on F-Droid" border="0"/></a>
</p>
......@@ -78,9 +78,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -79,9 +79,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -69,9 +69,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -66,9 +66,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -112,9 +112,9 @@ servers to block.</li>
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -66,7 +66,7 @@
<li>Free and open source software</li>
</ul>
<a href="https://play.google.com/store/apps/details?id=org.briarproject.briar.beta" target="_blank"><img id="playbutton" src="img/google_play_badge_web_generic.png" alt="Get it on Google Play" border="0"/></a>
<a href="https://play.google.com/store/apps/details?id=org.briarproject.briar.beta" rel="noopener noreferrer" target="_blank"><img id="playbutton" src="img/google_play_badge_web_generic.png" alt="Get it on Google Play" border="0"/></a>
<a href="fdroid.html"><img id="fdroidbutton" src="img/fdroid_badge.png" alt="Get it on F-Droid" border="0"/></a>
</div> <!-- intro -->
......@@ -79,7 +79,7 @@
<div id="flattr">
<center>
<a href="https://flattr.com/t/592836/" target="_blank"><img src="img/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0"/></a>
<a href="https://flattr.com/t/592836/" rel="noopener noreferrer" target="_blank"><img src="img/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0"/></a>
<br />
Bitcoin: 1NZCKkUCtJV2U2Y9hDb9uq8S7ksFCFGR6K
</center>
......@@ -95,9 +95,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
......@@ -17,9 +17,9 @@
<div id="nav">
<div id="signup">
<div id="twitter">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter -->
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm()">
<form id="signupform" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit">Keep me updated</button>
</form>
......@@ -84,9 +84,9 @@
<div id="footer">
<div id="signup2">
<div id="twitter2">
<a href="https://twitter.com/BriarApp" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
<a href="https://twitter.com/BriarApp" rel="noopener noreferrer" target="_blank"><img class="twitterbutton" src="img/twitter.png"/></a>
</div> <!-- twitter2 -->
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" target="_blank" method="get" onSubmit="submitForm2()">
<form id="signupform2" action="https://sourceforge.net/projects/briar/lists/briar-announce" rel="noopener noreferrer" target="_blank" method="get" onSubmit="submitForm2()">
<input placeholder="Email address" type="email" name="email" tabindex="2"></input>
<button name="submit" type="submit" id="signup-submit2">Keep me updated</button>
</form>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment