Added rel="noopener noreferrer" for target=_blank links

diff --git a/com.woltlab.wcf/templates/quoteBBCodeTag.tpl b/com.woltlab.wcf/templates/quoteBBCodeTag.tpl
index acefb454e4e3b3e81034814a93ddffc2316a21a6..cfb85165ec121162c80aedf2c548a1e5284b45c1 100644 (file)
--- a/com.woltlab.wcf/templates/quoteBBCodeTag.tpl
+++ b/com.woltlab.wcf/templates/quoteBBCodeTag.tpl
@@ -7,7 +7,7 @@
                        <header>
                                <h3>
                                        {if $quoteLink}
-                                               <a href="{@$quoteLink}"{if $isExternalQuoteLink} class="externalURL"{if EXTERNAL_LINK_REL_NOFOLLOW} rel="nofollow"{/if}{if EXTERNAL_LINK_TARGET_BLANK} target="_blank"{/if}{/if}>{lang}wcf.bbcode.quote.title{/lang}</a>
+                                               <a href="{@$quoteLink}"{if $isExternalQuoteLink} class="externalURL"{if EXTERNAL_LINK_REL_NOFOLLOW || EXTERNAL_LINK_TARGET_BLANK} rel="{if EXTERNAL_LINK_REL_NOFOLLOW}nofollow{/if}{if EXTERNAL_LINK_TARGET_BLANK}{if EXTERNAL_LINK_REL_NOFOLLOW} {/if}noopener noreferrer{/if}"{/if}{if EXTERNAL_LINK_TARGET_BLANK} target="_blank"{/if}{/if}>{lang}wcf.bbcode.quote.title{/lang}</a>
                                        {else}
                                                {lang}wcf.bbcode.quote.title{/lang}
                                        {/if}

diff --git a/com.woltlab.wcf/templates/userInformationButtons.tpl b/com.woltlab.wcf/templates/userInformationButtons.tpl
index 9f3adf21c73cfc30192880ed7c2f537996fd61d4..2c8a84c51e4e18066021d8bebe8c86e2a804a36b 100644 (file)
--- a/com.woltlab.wcf/templates/userInformationButtons.tpl
+++ b/com.woltlab.wcf/templates/userInformationButtons.tpl
@@ -3,7 +3,7 @@
                <ul class="buttonList iconList">
                        {content}
                                {if $user->homepage && $user->homepage != 'http://'}
-                                       <li><a class="jsTooltip" href="{$user->homepage}" title="{lang}wcf.user.option.homepage{/lang}"{if EXTERNAL_LINK_REL_NOFOLLOW} rel="nofollow"{/if}{if EXTERNAL_LINK_TARGET_BLANK} target="_blank"{/if}><span class="icon icon16 icon-home"></span> <span class="invisible">{lang}wcf.user.option.homepage{/lang}</span></a></li>
+                                       <li><a class="jsTooltip" href="{$user->homepage}" title="{lang}wcf.user.option.homepage{/lang}"{if EXTERNAL_LINK_REL_NOFOLLOW || EXTERNAL_LINK_TARGET_BLANK} rel="{if EXTERNAL_LINK_REL_NOFOLLOW}nofollow{/if}{if EXTERNAL_LINK_TARGET_BLANK}{if EXTERNAL_LINK_REL_NOFOLLOW} {/if}noopener noreferrer{/if}"{/if}{if EXTERNAL_LINK_TARGET_BLANK} target="_blank"{/if}><span class="icon icon16 icon-home"></span> <span class="invisible">{lang}wcf.user.option.homepage{/lang}</span></a></li>
                                {/if}
                                
                                {if $user->userID != $__wcf->user->userID}

diff --git a/com.woltlab.wcf/templates/usersOnlineList.tpl b/com.woltlab.wcf/templates/usersOnlineList.tpl
index 0e36d161836c8f7d5a1155ea9022a002e20c4159..f26b8cc5cb2934cae342340bcfe042dc8bf7703e 100644 (file)
--- a/com.woltlab.wcf/templates/usersOnlineList.tpl
+++ b/com.woltlab.wcf/templates/usersOnlineList.tpl
@@ -155,7 +155,7 @@
                                        
                                        <div class="details userInformation">
                                                <div class="containerHeadline">
-                                                       <h3>{if $user->getSpider()->spiderURL}<a href="{$user->getSpider()->spiderURL}" class="externalURL"{if EXTERNAL_LINK_TARGET_BLANK} target="_blank"{/if}{if EXTERNAL_LINK_REL_NOFOLLOW} rel="nofollow"{/if}>{$user->getSpider()->spiderName}</a>{else}{$user->getSpider()->spiderName}{/if}</h3>
+                                                       <h3>{if $user->getSpider()->spiderURL}<a href="{$user->getSpider()->spiderURL}" class="externalURL"{if EXTERNAL_LINK_REL_NOFOLLOW || EXTERNAL_LINK_TARGET_BLANK} rel="{if EXTERNAL_LINK_REL_NOFOLLOW}nofollow{/if}{if EXTERNAL_LINK_TARGET_BLANK}{if EXTERNAL_LINK_REL_NOFOLLOW} {/if}noopener noreferrer{/if}"{/if}{if EXTERNAL_LINK_TARGET_BLANK} target="_blank"{/if}>{$user->getSpider()->spiderName}</a>{else}{$user->getSpider()->spiderName}{/if}</h3>
                                                        {@$locationData}
                                                </div>
                                                

diff --git a/wcfsetup/install/files/lib/system/option/user/FacebookUserOptionOutput.class.php b/wcfsetup/install/files/lib/system/option/user/FacebookUserOptionOutput.class.php
index c76870d9a2146375b3b0f8ce04f22e8a733c5226..3a6a4f8213392ed05691a0df58a67bd1ba628a94 100644 (file)
--- a/wcfsetup/install/files/lib/system/option/user/FacebookUserOptionOutput.class.php
+++ b/wcfsetup/install/files/lib/system/option/user/FacebookUserOptionOutput.class.php
@@ -24,6 +24,6 @@ class FacebookUserOptionOutput implements IUserOptionOutput {
                $url = StringUtil::encodeHTML('http://www.facebook.com/'.$value);
                $value = StringUtil::encodeHTML($value);
                
-               return '<a href="'.$url.'" class="externalURL"'.(EXTERNAL_LINK_REL_NOFOLLOW ? ' rel="nofollow"' : '').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '').'>'.$value.'</a>';
+               return '<a href="'.$url.'" class="externalURL"'.((EXTERNAL_LINK_REL_NOFOLLOW || EXTERNAL_LINK_TARGET_BLANK) ? (' rel="'.(EXTERNAL_LINK_REL_NOFOLLOW ? 'nofollow' : '').((EXTERNAL_LINK_REL_NOFOLLOW && EXTERNAL_LINK_TARGET_BLANK) ? ' ' : '').(EXTERNAL_LINK_TARGET_BLANK ? 'noopener noreferrer' : '').'"') : '').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '').'>'.$value.'</a>';
        }
 }

diff --git a/wcfsetup/install/files/lib/system/option/user/GooglePlusUserOptionOutput.class.php b/wcfsetup/install/files/lib/system/option/user/GooglePlusUserOptionOutput.class.php
index d979cca51f3c5e0169d1e8e16f48b6aec206c5b0..e4268fca329e7d38d7a539ea83935e83ca01c7c4 100644 (file)
--- a/wcfsetup/install/files/lib/system/option/user/GooglePlusUserOptionOutput.class.php
+++ b/wcfsetup/install/files/lib/system/option/user/GooglePlusUserOptionOutput.class.php
@@ -24,6 +24,7 @@ class GooglePlusUserOptionOutput implements IUserOptionOutput {
                $url = StringUtil::encodeHTML('https://plus.google.com/'.$value.'/posts');
                $value = StringUtil::encodeHTML($value);
                
-               return '<a href="'.$url.'" class="externalURL"'.(EXTERNAL_LINK_REL_NOFOLLOW ? ' rel="me nofollow"' : ' rel="me"').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '').'>'.$value.'</a>';
+               
+               return '<a href="'.$url.'" class="externalURL"'.((EXTERNAL_LINK_REL_NOFOLLOW || EXTERNAL_LINK_TARGET_BLANK) ? (' rel="'.(EXTERNAL_LINK_REL_NOFOLLOW ? 'nofollow' : '').((EXTERNAL_LINK_REL_NOFOLLOW && EXTERNAL_LINK_TARGET_BLANK) ? ' ' : '').(EXTERNAL_LINK_TARGET_BLANK ? 'noopener noreferrer' : '').' me"') : ' rel="me"').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '').'>'.$value.'</a>';
        }
 }

diff --git a/wcfsetup/install/files/lib/system/option/user/TwitterUserOptionOutput.class.php b/wcfsetup/install/files/lib/system/option/user/TwitterUserOptionOutput.class.php
index a08cb1513b3ea04d5ad7cddc46d8446aa4213f6b..6e1eb2070b8b97b01e36ef425b3476818e826dd7 100644 (file)
--- a/wcfsetup/install/files/lib/system/option/user/TwitterUserOptionOutput.class.php
+++ b/wcfsetup/install/files/lib/system/option/user/TwitterUserOptionOutput.class.php
@@ -24,6 +24,6 @@ class TwitterUserOptionOutput implements IUserOptionOutput {
                $url = StringUtil::encodeHTML('http://twitter.com/'.$value);
                $value = StringUtil::encodeHTML($value);
                
-               return '<a href="'.$url.'" class="externalURL"'.(EXTERNAL_LINK_REL_NOFOLLOW ? ' rel="nofollow"' : '').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '').'>'.$value.'</a>';
+               return '<a href="'.$url.'" class="externalURL"'.((EXTERNAL_LINK_REL_NOFOLLOW || EXTERNAL_LINK_TARGET_BLANK) ? (' rel="'.(EXTERNAL_LINK_REL_NOFOLLOW ? 'nofollow' : '').((EXTERNAL_LINK_REL_NOFOLLOW && EXTERNAL_LINK_TARGET_BLANK) ? ' ' : '').(EXTERNAL_LINK_TARGET_BLANK ? 'noopener noreferrer' : '').'"') : '').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '').'>'.$value.'</a>';
        }
 }

diff --git a/wcfsetup/install/files/lib/system/option/user/URLUserOptionOutput.class.php b/wcfsetup/install/files/lib/system/option/user/URLUserOptionOutput.class.php
index 20c3b377d5c74b1171fad5859a36aa8b2e57cec4..0dcff5a716a33c6575558e6d73f931124377d44c 100644 (file)
--- a/wcfsetup/install/files/lib/system/option/user/URLUserOptionOutput.class.php
+++ b/wcfsetup/install/files/lib/system/option/user/URLUserOptionOutput.class.php
@@ -23,7 +23,7 @@ class URLUserOptionOutput implements IUserOptionOutput {
                
                $value = self::getURL($value);
                $value = StringUtil::encodeHTML($value);
-               return '<a href="'.$value.'" class="externalURL"'.(EXTERNAL_LINK_REL_NOFOLLOW ? ' rel="nofollow"' : '').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '').'>'.$value.'</a>';
+               return '<a href="'.$value.'" class="externalURL"'.((EXTERNAL_LINK_REL_NOFOLLOW || EXTERNAL_LINK_TARGET_BLANK) ? (' rel="'.(EXTERNAL_LINK_REL_NOFOLLOW ? 'nofollow' : '').((EXTERNAL_LINK_REL_NOFOLLOW && EXTERNAL_LINK_TARGET_BLANK) ? ' ' : '').(EXTERNAL_LINK_TARGET_BLANK ? 'noopener noreferrer' : '').'"') : '').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '').'>'.$value.'</a>';
        }
        
        /**

diff --git a/wcfsetup/install/files/lib/util/StringUtil.class.php b/wcfsetup/install/files/lib/util/StringUtil.class.php
index 9f5b7eae936d80f0b9ec400d7bcde9521b4f58db..b09ce450fbc7ecbe673fa6fb41e0e4488557c3b4 100644 (file)
--- a/wcfsetup/install/files/lib/util/StringUtil.class.php
+++ b/wcfsetup/install/files/lib/util/StringUtil.class.php
@@ -759,7 +759,7 @@ final class StringUtil {
                        if (!$encodeTitle) $title = self::encodeHTML($title);
                }
                
-               return '<a href="'.self::encodeHTML($url).'"'.($external ? (' class="externalURL"'.(EXTERNAL_LINK_REL_NOFOLLOW ? ' rel="nofollow"' : '').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '')) : '').'>'.($encodeTitle ? self::encodeHTML($title) : $title).'</a>';
+               return '<a href="'.self::encodeHTML($url).'"'.($external ? (' class="externalURL"'.((EXTERNAL_LINK_REL_NOFOLLOW || EXTERNAL_LINK_TARGET_BLANK) ? (' rel="'.(EXTERNAL_LINK_REL_NOFOLLOW ? 'nofollow' : '').((EXTERNAL_LINK_REL_NOFOLLOW && EXTERNAL_LINK_TARGET_BLANK) ? ' ' : '').(EXTERNAL_LINK_TARGET_BLANK ? 'noopener noreferrer' : '').'"') : '').(EXTERNAL_LINK_TARGET_BLANK ? ' target="_blank"' : '')) : '').'>'.($encodeTitle ? self::encodeHTML($title) : $title).'</a>';
        }
        
        /**