You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zeppelin.apache.org by GitBox <gi...@apache.org> on 2021/09/07 07:07:23 UTC

[GitHub] [zeppelin] Reamer commented on pull request #4212: [ZEPPELIN-5395] Address tab nabbing vulnerability

Reamer commented on pull request #4212:
URL: https://github.com/apache/zeppelin/pull/4212#issuecomment-914048005


   > I have applied this fix for all the links apart from the angular rendered. For angular rendered links the more general solution can be applied (https://coryrylan.com/blog/managing-external-links-safely-in-angular), but before I will do this workaround, I would like to confirm it with the maintainers
   
   I would prefer a general solution for Angular. I took a look at the blog post and it seems that the solution works without third party dependencies.
   
   I can confirm that you added the `rel="noopener noreferrer"` to all other links (except in zeppelin-web-angular) with `target="_blank"`.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@zeppelin.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org