mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Consistently use rel=noreferrer 

When linking to external entities we should consistently use rel=noreferrer
This commit is contained in:
Lukas Reschke 2016-03-20 11:38:14 +01:00
parent 1f1d87d413
commit 6ad957906e
14 changed files with 55 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/files/templates/appnavigation.php
View File

@ -18,7 +18,7 @@
<div id="app-settings-content"> <div id="app-settings-content">
<label for="webdavurl"><?php p($l->t('WebDAV'));?></label> <label for="webdavurl"><?php p($l->t('WebDAV'));?></label>
<input id="webdavurl" type="text" readonly="readonly" value="<?php p(\OCP\Util::linkToRemote('webdav')); ?>" /> <input id="webdavurl" type="text" readonly="readonly" value="<?php p(\OCP\Util::linkToRemote('webdav')); ?>" />
<em><?php print_unescaped($l->t('Use this address to <a href="%s" target="_blank">access your Files via WebDAV</a>', array(link_to_docs('user-webdav'))));?></em> <em><?php print_unescaped($l->t('Use this address to <a href="%s" target="_blank" rel="noreferrer">access your Files via WebDAV</a>', array(link_to_docs('user-webdav'))));?></em>
</div> </div>
</div> </div>
</div> </div>

2
apps/files_sharing/templates/settings-admin.php
View File

@ -4,7 +4,7 @@
?> ?>
<div id="fileSharingSettings"> <div id="fileSharingSettings">
<h3><?php p($l->t('Federated Cloud Sharing'));?></h3> <h3><?php p($l->t('Federated Cloud Sharing'));?></h3>
<a target="_blank" class="icon-info svg" <a target="_blank" rel="noreferrer" class="icon-info svg"
title="<?php p($l->t('Open documentation'));?>" title="<?php p($l->t('Open documentation'));?>"
href="<?php p(link_to_docs('admin-sharing-federated')); ?>"></a> href="<?php p(link_to_docs('admin-sharing-federated')); ?>"></a>

4
apps/files_sharing/templates/settings-personal.php
View File

@ -53,7 +53,7 @@ if ($_['showShareIT']) {
<div class="hidden" id="oca-files-sharing-add-to-your-website-expanded"> <div class="hidden" id="oca-files-sharing-add-to-your-website-expanded">
<p style="margin: 10px 0"> <p style="margin: 10px 0">
<a target="_blank" href="<?php p($_['reference']); ?>" <a target="_blank" rel="noreferrer" href="<?php p($_['reference']); ?>"
style="padding:10px;background-color:#1d2d44;color:#fff;border-radius:3px;padding-left:4px;"> style="padding:10px;background-color:#1d2d44;color:#fff;border-radius:3px;padding-left:4px;">
<img src="<?php p($_['owncloud_logo_path']); ?>" <img src="<?php p($_['owncloud_logo_path']); ?>"
style="width:50px;position:relative;top:8px;"> style="width:50px;position:relative;top:8px;">
@ -63,7 +63,7 @@ if ($_['showShareIT']) {
<p> <p>
<?php p($l->t('HTML Code:')); ?> <?php p($l->t('HTML Code:')); ?>
<xmp><a target="_blank" href="<?php p($_['reference']); ?>" <xmp><a target="_blank" rel="noreferrer" href="<?php p($_['reference']); ?>"
style="padding:10px;background-color:#1d2d44;color:#fff;border-radius:3px;padding-left:4px;"> style="padding:10px;background-color:#1d2d44;color:#fff;border-radius:3px;padding-left:4px;">
<img src="<?php p(\OC::$server->getURLGenerator()->getAbsoluteURL($_['owncloud_logo_path'])); ?>" <img src="<?php p(\OC::$server->getURLGenerator()->getAbsoluteURL($_['owncloud_logo_path'])); ?>"
style="width:50px;position:relative;top:8px;"> style="width:50px;position:relative;top:8px;">

2
apps/user_ldap/templates/part.settingcontrols.php
View File

@ -3,7 +3,7 @@
<?php p($l->t('Test Configuration'));?> <?php p($l->t('Test Configuration'));?>
</button> </button>
<a href="<?php p(\OC::$server->getURLGenerator()->linkToDocs('admin-ldap')); ?>" <a href="<?php p(\OC::$server->getURLGenerator()->linkToDocs('admin-ldap')); ?>"
target="_blank"> target="_blank" rel="noreferrer">
<img src="<?php print_unescaped(OCP\Util::imagePath('', 'actions/info.png')); ?>" <img src="<?php print_unescaped(OCP\Util::imagePath('', 'actions/info.png')); ?>"
style="height:1.75ex" /> style="height:1.75ex" />
<?php p($l->t('Help'));?> <?php p($l->t('Help'));?>

2
apps/user_ldap/templates/part.wizardcontrols.php
View File

@ -9,7 +9,7 @@
<?php p($l->t('Continue'));?> <?php p($l->t('Continue'));?>
</button> </button>
<a href="<?php p(\OC::$server->getURLGenerator()->linkToDocs('admin-ldap')); ?>" <a href="<?php p(\OC::$server->getURLGenerator()->linkToDocs('admin-ldap')); ?>"
target="_blank"> target="_blank" rel="noreferrer">
<img src="<?php print_unescaped(OCP\Util::imagePath('', 'actions/info.png')); ?>" <img src="<?php print_unescaped(OCP\Util::imagePath('', 'actions/info.png')); ?>"
style="height:1.75ex" /> style="height:1.75ex" />
<span class="ldap_grey"><?php p($l->t('Help'));?></span> <span class="ldap_grey"><?php p($l->t('Help'));?></span>

16
core/js/setupchecks.js
View File

@ -66,7 +66,7 @@
if (xhr.status !== 207) { if (xhr.status !== 207) {
var docUrl = placeholderUrl.replace('PLACEHOLDER', 'admin-setup-well-known-URL'); var docUrl = placeholderUrl.replace('PLACEHOLDER', 'admin-setup-well-known-URL');
messages.push({ messages.push({
msg: t('core', 'Your web server is not set up properly to resolve "{url}". Further information can be found in our <a target="_blank" href="{docLink}">documentation</a>.', { docLink: docUrl, url: url }), msg: t('core', 'Your web server is not set up properly to resolve "{url}". Further information can be found in our <a target="_blank" rel="noreferrer" href="{docLink}">documentation</a>.', { docLink: docUrl, url: url }),
type: OC.SetupChecks.MESSAGE_TYPE_INFO type: OC.SetupChecks.MESSAGE_TYPE_INFO
}); });
} }
@ -99,13 +99,13 @@
} }
if(!data.isMemcacheConfigured) { if(!data.isMemcacheConfigured) {
messages.push({ messages.push({
msg: t('core', 'No memory cache has been configured. To enhance your performance please configure a memcache if available. Further information can be found in our <a target="_blank" href="{docLink}">documentation</a>.', {docLink: data.memcacheDocs}), msg: t('core', 'No memory cache has been configured. To enhance your performance please configure a memcache if available. Further information can be found in our <a target="_blank" rel="noreferrer" href="{docLink}">documentation</a>.', {docLink: data.memcacheDocs}),
type: OC.SetupChecks.MESSAGE_TYPE_INFO type: OC.SetupChecks.MESSAGE_TYPE_INFO
}); });
} }
if(!data.isUrandomAvailable) { if(!data.isUrandomAvailable) {
messages.push({ messages.push({
msg: t('core', '/dev/urandom is not readable by PHP which is highly discouraged for security reasons. Further information can be found in our <a target="_blank" href="{docLink}">documentation</a>.', {docLink: data.securityDocs}), msg: t('core', '/dev/urandom is not readable by PHP which is highly discouraged for security reasons. Further information can be found in our <a target="_blank" rel="noreferrer" href="{docLink}">documentation</a>.', {docLink: data.securityDocs}),
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}); });
} }
@ -117,19 +117,19 @@
} }
if(data.phpSupported && data.phpSupported.eol) { if(data.phpSupported && data.phpSupported.eol) {
messages.push({ messages.push({
msg: t('core', 'You are currently running PHP {version}. We encourage you to upgrade your PHP version to take advantage of <a target="_blank" href="{phpLink}">performance and security updates provided by the PHP Group</a> as soon as your distribution supports it.', {version: data.phpSupported.version, phpLink: 'https://secure.php.net/supported-versions.php'}), msg: t('core', 'You are currently running PHP {version}. We encourage you to upgrade your PHP version to take advantage of <a target="_blank" rel="noreferrer" href="{phpLink}">performance and security updates provided by the PHP Group</a> as soon as your distribution supports it.', {version: data.phpSupported.version, phpLink: 'https://secure.php.net/supported-versions.php'}),
type: OC.SetupChecks.MESSAGE_TYPE_INFO type: OC.SetupChecks.MESSAGE_TYPE_INFO
}); });
} }
if(!data.forwardedForHeadersWorking) { if(!data.forwardedForHeadersWorking) {
messages.push({ messages.push({
msg: t('core', 'The reverse proxy headers configuration is incorrect, or you are accessing ownCloud from a trusted proxy. If you are not accessing ownCloud from a trusted proxy, this is a security issue and can allow an attacker to spoof their IP address as visible to ownCloud. Further information can be found in our <a target="_blank" href="{docLink}">documentation</a>.', {docLink: data.reverseProxyDocs}), msg: t('core', 'The reverse proxy headers configuration is incorrect, or you are accessing ownCloud from a trusted proxy. If you are not accessing ownCloud from a trusted proxy, this is a security issue and can allow an attacker to spoof their IP address as visible to ownCloud. Further information can be found in our <a target="_blank" rel="noreferrer" href="{docLink}">documentation</a>.', {docLink: data.reverseProxyDocs}),
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}); });
} }
if(!data.isCorrectMemcachedPHPModuleInstalled) { if(!data.isCorrectMemcachedPHPModuleInstalled) {
messages.push({ messages.push({
msg: t('core', 'Memcached is configured as distributed cache, but the wrong PHP module "memcache" is installed. \\OC\\Memcache\\Memcached only supports "memcached" and not "memcache". See the <a target="_blank" href="{wikiLink}">memcached wiki about both modules</a>.', {wikiLink: 'https://code.google.com/p/memcached/wiki/PHPClientComparison'}), msg: t('core', 'Memcached is configured as distributed cache, but the wrong PHP module "memcache" is installed. \\OC\\Memcache\\Memcached only supports "memcached" and not "memcache". See the <a target="_blank" rel="noreferrer" href="{wikiLink}">memcached wiki about both modules</a>.', {wikiLink: 'https://code.google.com/p/memcached/wiki/PHPClientComparison'}),
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}); });
} }
@ -137,7 +137,7 @@
messages.push({ messages.push({
msg: t( msg: t(
'core', 'core',
'Some files have not passed the integrity check. Further information on how to resolve this issue can be found in our <a target="_blank" href="{docLink}">documentation</a>. (<a href="{codeIntegrityDownloadEndpoint}">List of invalid files…</a> / <a href="{rescanEndpoint}">Rescan…</a>)', 'Some files have not passed the integrity check. Further information on how to resolve this issue can be found in our <a target="_blank" rel="noreferrer" href="{docLink}">documentation</a>. (<a href="{codeIntegrityDownloadEndpoint}">List of invalid files…</a> / <a href="{rescanEndpoint}">Rescan…</a>)',
{ {
docLink: data.codeIntegrityCheckerDocumentation, docLink: data.codeIntegrityCheckerDocumentation,
codeIntegrityDownloadEndpoint: OC.generateUrl('/settings/integrity/failed'), codeIntegrityDownloadEndpoint: OC.generateUrl('/settings/integrity/failed'),
@ -276,7 +276,7 @@
var minimumSeconds = 15768000; var minimumSeconds = 15768000;
if(isNaN(transportSecurityValidity) || transportSecurityValidity <= (minimumSeconds - 1)) { if(isNaN(transportSecurityValidity) || transportSecurityValidity <= (minimumSeconds - 1)) {
messages.push({ messages.push({
msg: t('core', 'The "Strict-Transport-Security" HTTP header is not configured to at least "{seconds}" seconds. For enhanced security we recommend enabling HSTS as described in our <a href="{docUrl}">security tips</a>.', {'seconds': minimumSeconds, docUrl: '#admin-tips'}), msg: t('core', 'The "Strict-Transport-Security" HTTP header is not configured to at least "{seconds}" seconds. For enhanced security we recommend enabling HSTS as described in our <a href="{docUrl}" rel="noreferrer">security tips</a>.', {'seconds': minimumSeconds, docUrl: '#admin-tips'}),
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}); });
} }

20
core/js/tests/specs/setupchecksSpec.js
View File

@ -68,7 +68,7 @@ describe('OC.SetupChecks tests', function() {
async.done(function( data, s, x ){ async.done(function( data, s, x ){
expect(data).toEqual([{ expect(data).toEqual([{
msg: 'Your web server is not set up properly to resolve "/.well-known/caldav/". Further information can be found in our <a target="_blank" href="http://example.org/admin-setup-well-known-URL">documentation</a>.', msg: 'Your web server is not set up properly to resolve "/.well-known/caldav/". Further information can be found in our <a target="_blank" rel="noreferrer" href="http://example.org/admin-setup-well-known-URL">documentation</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_INFO type: OC.SetupChecks.MESSAGE_TYPE_INFO
}]); }]);
done(); done();
@ -164,7 +164,7 @@ describe('OC.SetupChecks tests', function() {
msg: 'This server has no working Internet connection. This means that some of the features like mounting external storage, notifications about updates or installation of third-party apps will not work. Accessing files remotely and sending of notification emails might not work, either. We suggest to enable Internet connection for this server if you want to have all features.', msg: 'This server has no working Internet connection. This means that some of the features like mounting external storage, notifications about updates or installation of third-party apps will not work. Accessing files remotely and sending of notification emails might not work, either. We suggest to enable Internet connection for this server if you want to have all features.',
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}, { }, {
msg: 'No memory cache has been configured. To enhance your performance please configure a memcache if available. Further information can be found in our <a target="_blank" href="https://doc.owncloud.org/server/go.php?to=admin-performance">documentation</a>.', msg: 'No memory cache has been configured. To enhance your performance please configure a memcache if available. Further information can be found in our <a target="_blank" rel="noreferrer" href="https://doc.owncloud.org/server/go.php?to=admin-performance">documentation</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_INFO type: OC.SetupChecks.MESSAGE_TYPE_INFO
}]); }]);
done(); done();
@ -196,7 +196,7 @@ describe('OC.SetupChecks tests', function() {
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}, },
{ {
msg: 'No memory cache has been configured. To enhance your performance please configure a memcache if available. Further information can be found in our <a target="_blank" href="https://doc.owncloud.org/server/go.php?to=admin-performance">documentation</a>.', msg: 'No memory cache has been configured. To enhance your performance please configure a memcache if available. Further information can be found in our <a target="_blank" rel="noreferrer" href="https://doc.owncloud.org/server/go.php?to=admin-performance">documentation</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_INFO type: OC.SetupChecks.MESSAGE_TYPE_INFO
}]); }]);
done(); done();
@ -253,7 +253,7 @@ describe('OC.SetupChecks tests', function() {
async.done(function( data, s, x ){ async.done(function( data, s, x ){
expect(data).toEqual([{ expect(data).toEqual([{
msg: '/dev/urandom is not readable by PHP which is highly discouraged for security reasons. Further information can be found in our <a target="_blank" href="https://docs.owncloud.org/myDocs.html">documentation</a>.', msg: '/dev/urandom is not readable by PHP which is highly discouraged for security reasons. Further information can be found in our <a target="_blank" rel="noreferrer" href="https://docs.owncloud.org/myDocs.html">documentation</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}]); }]);
done(); done();
@ -281,7 +281,7 @@ describe('OC.SetupChecks tests', function() {
async.done(function( data, s, x ){ async.done(function( data, s, x ){
expect(data).toEqual([{ expect(data).toEqual([{
msg: 'Memcached is configured as distributed cache, but the wrong PHP module "memcache" is installed. \\OC\\Memcache\\Memcached only supports "memcached" and not "memcache". See the <a target="_blank" href="https://code.google.com/p/memcached/wiki/PHPClientComparison">memcached wiki about both modules</a>.', msg: 'Memcached is configured as distributed cache, but the wrong PHP module "memcache" is installed. \\OC\\Memcache\\Memcached only supports "memcached" and not "memcache". See the <a target="_blank" rel="noreferrer" href="https://code.google.com/p/memcached/wiki/PHPClientComparison">memcached wiki about both modules</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}]); }]);
done(); done();
@ -309,7 +309,7 @@ describe('OC.SetupChecks tests', function() {
async.done(function( data, s, x ){ async.done(function( data, s, x ){
expect(data).toEqual([{ expect(data).toEqual([{
msg: 'The reverse proxy headers configuration is incorrect, or you are accessing ownCloud from a trusted proxy. If you are not accessing ownCloud from a trusted proxy, this is a security issue and can allow an attacker to spoof their IP address as visible to ownCloud. Further information can be found in our <a target="_blank" href="https://docs.owncloud.org/foo/bar.html">documentation</a>.', msg: 'The reverse proxy headers configuration is incorrect, or you are accessing ownCloud from a trusted proxy. If you are not accessing ownCloud from a trusted proxy, this is a security issue and can allow an attacker to spoof their IP address as visible to ownCloud. Further information can be found in our <a target="_blank" rel="noreferrer" href="https://docs.owncloud.org/foo/bar.html">documentation</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}]); }]);
done(); done();
@ -358,7 +358,7 @@ describe('OC.SetupChecks tests', function() {
async.done(function( data, s, x ){ async.done(function( data, s, x ){
expect(data).toEqual([{ expect(data).toEqual([{
msg: 'You are currently running PHP 5.4.0. We encourage you to upgrade your PHP version to take advantage of <a target="_blank" href="https://secure.php.net/supported-versions.php">performance and security updates provided by the PHP Group</a> as soon as your distribution supports it.', msg: 'You are currently running PHP 5.4.0. We encourage you to upgrade your PHP version to take advantage of <a target="_blank" rel="noreferrer" href="https://secure.php.net/supported-versions.php">performance and security updates provided by the PHP Group</a> as soon as your distribution supports it.',
type: OC.SetupChecks.MESSAGE_TYPE_INFO type: OC.SetupChecks.MESSAGE_TYPE_INFO
}]); }]);
done(); done();
@ -542,7 +542,7 @@ describe('OC.SetupChecks tests', function() {
async.done(function( data, s, x ){ async.done(function( data, s, x ){
expect(data).toEqual([{ expect(data).toEqual([{
msg: 'The "Strict-Transport-Security" HTTP header is not configured to at least "15768000" seconds. For enhanced security we recommend enabling HSTS as described in our <a href="#admin-tips">security tips</a>.', msg: 'The "Strict-Transport-Security" HTTP header is not configured to at least "15768000" seconds. For enhanced security we recommend enabling HSTS as described in our <a href="#admin-tips" rel="noreferrer">security tips</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}]); }]);
done(); done();
@ -567,7 +567,7 @@ describe('OC.SetupChecks tests', function() {
async.done(function( data, s, x ){ async.done(function( data, s, x ){
expect(data).toEqual([{ expect(data).toEqual([{
msg: 'The "Strict-Transport-Security" HTTP header is not configured to at least "15768000" seconds. For enhanced security we recommend enabling HSTS as described in our <a href="#admin-tips">security tips</a>.', msg: 'The "Strict-Transport-Security" HTTP header is not configured to at least "15768000" seconds. For enhanced security we recommend enabling HSTS as described in our <a href="#admin-tips" rel="noreferrer">security tips</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}]); }]);
done(); done();
@ -592,7 +592,7 @@ describe('OC.SetupChecks tests', function() {
async.done(function( data, s, x ){ async.done(function( data, s, x ){
expect(data).toEqual([{ expect(data).toEqual([{
msg: 'The "Strict-Transport-Security" HTTP header is not configured to at least "15768000" seconds. For enhanced security we recommend enabling HSTS as described in our <a href="#admin-tips">security tips</a>.', msg: 'The "Strict-Transport-Security" HTTP header is not configured to at least "15768000" seconds. For enhanced security we recommend enabling HSTS as described in our <a href="#admin-tips" rel="noreferrer">security tips</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_WARNING type: OC.SetupChecks.MESSAGE_TYPE_WARNING
}]); }]);
done(); done();

6
core/templates/installation.php
View File

@ -30,7 +30,7 @@ script('core', [
<legend><strong><?php p($l->t('Security warning'));?></strong></legend> <legend><strong><?php p($l->t('Security warning'));?></strong></legend>
<p><?php p($l->t('Your data directory and files are probably accessible from the internet because the .htaccess file does not work.'));?><br> <p><?php p($l->t('Your data directory and files are probably accessible from the internet because the .htaccess file does not work.'));?><br>
<?php print_unescaped($l->t( <?php print_unescaped($l->t(
'For information how to properly configure your server, please see the <a href="%s" target="_blank">documentation</a>.', 'For information how to properly configure your server, please see the <a href="%s" target="_blank" rel="noreferrer">documentation</a>.',
link_to_docs('admin-install') link_to_docs('admin-install')
)); ?></p> )); ?></p>
</fieldset> </fieldset>
@ -85,7 +85,7 @@ script('core', [
<p class="info"> <p class="info">
<?php p($l->t( 'Only %s is available.', array($label) )); ?> <?php p($l->t( 'Only %s is available.', array($label) )); ?>
<?php p($l->t( 'Install and activate additional PHP modules to choose other database types.' )); ?><br> <?php p($l->t( 'Install and activate additional PHP modules to choose other database types.' )); ?><br>
<a href="<?php print_unescaped(link_to_docs('admin-source_install')); ?>" target="_blank"> <a href="<?php print_unescaped(link_to_docs('admin-source_install')); ?>" target="_blank" rel="noreferrer">
<?php p($l->t( 'For more details check out the documentation.' )); ?> ↗</a> <?php p($l->t( 'For more details check out the documentation.' )); ?> ↗</a>
</p> </p>
<input type="hidden" id="dbtype" name="dbtype" value="<?php p($type) ?>"> <input type="hidden" id="dbtype" name="dbtype" value="<?php p($type) ?>">
@ -164,6 +164,6 @@ script('core', [
<p class="info"> <p class="info">
<span class="icon-info-white svg"></span> <span class="icon-info-white svg"></span>
<?php p($l->t('Need help?'));?> <?php p($l->t('Need help?'));?>
<a target="_blank" href="<?php p(link_to_docs('admin-install')); ?>"><?php p($l->t('See the documentation'));?> ↗</a> <a target="_blank" rel="noreferrer" href="<?php p(link_to_docs('admin-install')); ?>"><?php p($l->t('See the documentation'));?> ↗</a>
</p> </p>
</form> </form>

2
lib/base.php
View File

@ -274,7 +274,7 @@ class OC {
$l->t('Cannot write into "config" directory!'), $l->t('Cannot write into "config" directory!'),
$l->t('This can usually be fixed by ' $l->t('This can usually be fixed by '
. '%sgiving the webserver write access to the config directory%s.', . '%sgiving the webserver write access to the config directory%s.',
array('<a href="' . $urlGenerator->linkToDocs('admin-dir_permissions') . '" target="_blank">', '</a>')) array('<a href="' . $urlGenerator->linkToDocs('admin-dir_permissions') . '" target="_blank" rel="noreferrer">', '</a>'))
); );
} }
} }

2
lib/private/config.php
View File

@ -239,7 +239,7 @@ class Config {
throw new HintException( throw new HintException(
"Can't write into config directory!", "Can't write into config directory!",
'This can usually be fixed by ' 'This can usually be fixed by '
.'<a href="' . $url . '" target="_blank">giving the webserver write access to the config directory</a>.'); .'<a href="' . $url . '" target="_blank" rel="noreferrer">giving the webserver write access to the config directory</a>.');
} }
// Try to acquire a file lock // Try to acquire a file lock

8
lib/private/util.php
View File

@ -657,7 +657,7 @@ class OC_Util {
'error' => $l->t('Cannot write into "config" directory'), 'error' => $l->t('Cannot write into "config" directory'),
'hint' => $l->t('This can usually be fixed by ' 'hint' => $l->t('This can usually be fixed by '
. '%sgiving the webserver write access to the config directory%s.', . '%sgiving the webserver write access to the config directory%s.',
array('<a href="' . $urlGenerator->linkToDocs('admin-dir_permissions') . '" target="_blank">', '</a>')) array('<a href="' . $urlGenerator->linkToDocs('admin-dir_permissions') . '" target="_blank" rel="noreferrer">', '</a>'))
); );
} }
} }
@ -673,7 +673,7 @@ class OC_Util {
'hint' => $l->t('This can usually be fixed by ' 'hint' => $l->t('This can usually be fixed by '
. '%sgiving the webserver write access to the apps directory%s' . '%sgiving the webserver write access to the apps directory%s'
. ' or disabling the appstore in the config file.', . ' or disabling the appstore in the config file.',
array('<a href="' . $urlGenerator->linkToDocs('admin-dir_permissions') . '" target="_blank">', '</a>')) array('<a href="' . $urlGenerator->linkToDocs('admin-dir_permissions') . '" target="_blank" rel="noreferrer">', '</a>'))
); );
} }
} }
@ -687,7 +687,7 @@ class OC_Util {
$errors[] = array( $errors[] = array(
'error' => $l->t('Cannot create "data" directory (%s)', array($CONFIG_DATADIRECTORY)), 'error' => $l->t('Cannot create "data" directory (%s)', array($CONFIG_DATADIRECTORY)),
'hint' => $l->t('This can usually be fixed by ' 'hint' => $l->t('This can usually be fixed by '
. '<a href="%s" target="_blank">giving the webserver write access to the root directory</a>.', . '<a href="%s" target="_blank" rel="noreferrer">giving the webserver write access to the root directory</a>.',
array($urlGenerator->linkToDocs('admin-dir_permissions'))) array($urlGenerator->linkToDocs('admin-dir_permissions')))
); );
} }
@ -695,7 +695,7 @@ class OC_Util {
//common hint for all file permissions error messages //common hint for all file permissions error messages
$permissionsHint = $l->t('Permissions can usually be fixed by ' $permissionsHint = $l->t('Permissions can usually be fixed by '
. '%sgiving the webserver write access to the root directory%s.', . '%sgiving the webserver write access to the root directory%s.',
array('<a href="' . $urlGenerator->linkToDocs('admin-dir_permissions') . '" target="_blank">', '</a>')); array('<a href="' . $urlGenerator->linkToDocs('admin-dir_permissions') . '" target="_blank" rel="noreferrer">', '</a>'));
$errors[] = array( $errors[] = array(
'error' => 'Data directory (' . $CONFIG_DATADIRECTORY . ') not writable by ownCloud', 'error' => 'Data directory (' . $CONFIG_DATADIRECTORY . ') not writable by ownCloud',
'hint' => $permissionsHint 'hint' => $permissionsHint

30
settings/templates/admin.php
View File

@ -73,7 +73,7 @@ if ($_['getenvServerNotWorking']) {
?> ?>
<li> <li>
<?php p($l->t('php does not seem to be setup properly to query system environment variables. The test with getenv("PATH") only returns an empty response.')); ?><br> <?php p($l->t('php does not seem to be setup properly to query system environment variables. The test with getenv("PATH") only returns an empty response.')); ?><br>
<?php print_unescaped($l->t('Please check the <a target="_blank" href="%s">installation documentation ↗</a> for php configuration notes and the php configuration of your server, especially when using php-fpm.', link_to_docs('admin-php-fpm'))); ?> <?php print_unescaped($l->t('Please check the <a target="_blank" rel="noreferrer" href="%s">installation documentation ↗</a> for php configuration notes and the php configuration of your server, especially when using php-fpm.', link_to_docs('admin-php-fpm'))); ?>
</li> </li>
<?php <?php
} }
@ -128,7 +128,7 @@ if (!$_['has_fileinfo']) {
if ($_['fileLockingType'] === 'none') { if ($_['fileLockingType'] === 'none') {
?> ?>
<li> <li>
<?php print_unescaped($l->t('Transactional file locking is disabled, this might lead to issues with race conditions. Enable \'filelocking.enabled\' in config.php to avoid these problems. See the <a target="_blank" href="%s">documentation ↗</a> for more information.', link_to_docs('admin-transactional-locking'))); ?> <?php print_unescaped($l->t('Transactional file locking is disabled, this might lead to issues with race conditions. Enable \'filelocking.enabled\' in config.php to avoid these problems. See the <a target="_blank" rel="noreferrer" href="%s">documentation ↗</a> for more information.', link_to_docs('admin-transactional-locking'))); ?>
</li> </li>
<?php <?php
} }
@ -183,7 +183,7 @@ if ($_['cronErrors']) {
<ul class="warnings hidden"></ul> <ul class="warnings hidden"></ul>
<ul class="info hidden"></ul> <ul class="info hidden"></ul>
<p class="hint hidden"> <p class="hint hidden">
<?php print_unescaped($l->t('Please double check the <a target="_blank" href="%s">installation guides ↗</a>, and check for any errors or warnings in the <a href="#log-section">log</a>.', link_to_docs('admin-install'))); ?> <?php print_unescaped($l->t('Please double check the <a target="_blank" rel="noreferrer" href="%s">installation guides ↗</a>, and check for any errors or warnings in the <a href="#log-section">log</a>.', link_to_docs('admin-install'))); ?>
</p> </p>
</div> </div>
<div id="security-warning-state"> <div id="security-warning-state">
@ -193,7 +193,7 @@ if ($_['cronErrors']) {
<div class="section" id="shareAPI"> <div class="section" id="shareAPI">
<h2><?php p($l->t('Sharing'));?></h2> <h2><?php p($l->t('Sharing'));?></h2>
<a target="_blank" class="icon-info svg" <a target="_blank" el="noreferrer" class="icon-info svg"
title="<?php p($l->t('Open documentation'));?>" title="<?php p($l->t('Open documentation'));?>"
href="<?php p(link_to_docs('admin-sharing')); ?>"></a> href="<?php p(link_to_docs('admin-sharing')); ?>"></a>
<p id="enable"> <p id="enable">
@ -300,7 +300,7 @@ if ($_['cronErrors']) {
endif; ?> endif; ?>
</p> </p>
<?php endif; ?> <?php endif; ?>
<a target="_blank" class="icon-info svg" <a target="_blank" rel="noreferrer" class="icon-info svg"
title="<?php p($l->t('Open documentation'));?>" title="<?php p($l->t('Open documentation'));?>"
href="<?php p(link_to_docs('admin-background-jobs')); ?>"></a> href="<?php p(link_to_docs('admin-background-jobs')); ?>"></a>
@ -332,7 +332,7 @@ if ($_['cronErrors']) {
<div class="section" id='encryptionAPI'> <div class="section" id='encryptionAPI'>
<h2><?php p($l->t('Server-side encryption')); ?></h2> <h2><?php p($l->t('Server-side encryption')); ?></h2>
<a target="_blank" class="icon-info svg" <a target="_blank" rel="noreferrer" class="icon-info svg"
title="<?php p($l->t('Open documentation'));?>" title="<?php p($l->t('Open documentation'));?>"
href="<?php p(link_to_docs('admin-encryption')); ?>"></a> href="<?php p(link_to_docs('admin-encryption')); ?>"></a>
@ -398,7 +398,7 @@ if ($_['cronErrors']) {
<div class="section" id="mail_general_settings"> <div class="section" id="mail_general_settings">
<form id="mail_general_settings_form" class="mail_settings"> <form id="mail_general_settings_form" class="mail_settings">
<h2><?php p($l->t('Email server'));?></h2> <h2><?php p($l->t('Email server'));?></h2>
<a target="_blank" class="icon-info svg" <a target="_blank" rel="noreferrer" class="icon-info svg"
title="<?php p($l->t('Open documentation'));?>" title="<?php p($l->t('Open documentation'));?>"
href="<?php p(link_to_docs('admin-email')); ?>"></a> href="<?php p(link_to_docs('admin-email')); ?>"></a>
@ -544,15 +544,15 @@ if ($_['cronErrors']) {
<li> <li>
<?php p($l->t('SQLite is used as database. For larger installations we recommend to switch to a different database backend.')); ?><br> <?php p($l->t('SQLite is used as database. For larger installations we recommend to switch to a different database backend.')); ?><br>
<?php p($l->t('Especially when using the desktop client for file syncing the use of SQLite is discouraged.')); ?><br> <?php p($l->t('Especially when using the desktop client for file syncing the use of SQLite is discouraged.')); ?><br>
<?php print_unescaped($l->t('To migrate to another database use the command line tool: \'occ db:convert-type\', or see the <a target="_blank" href="%s">documentation ↗</a>.', link_to_docs('admin-db-conversion') )); ?> <?php print_unescaped($l->t('To migrate to another database use the command line tool: \'occ db:convert-type\', or see the <a target="_blank" rel="noreferrer" href="%s">documentation ↗</a>.', link_to_docs('admin-db-conversion') )); ?>
</li> </li>
<?php } ?> <?php } ?>
<li><a target="_blank" href="<?php p(link_to_docs('admin-backup')); ?>"><?php p($l->t('How to do backups'));?> ↗</a></li> <li><a target="_blank" rel="noreferrer" href="<?php p(link_to_docs('admin-backup')); ?>"><?php p($l->t('How to do backups'));?> ↗</a></li>
<li><a target="_blank" href="<?php p(link_to_docs('admin-monitoring')); ?>"><?php p($l->t('Advanced monitoring'));?> ↗</a></li> <li><a target="_blank" rel="noreferrer" href="<?php p(link_to_docs('admin-monitoring')); ?>"><?php p($l->t('Advanced monitoring'));?> ↗</a></li>
<li><a target="_blank" href="<?php p(link_to_docs('admin-performance')); ?>"><?php p($l->t('Performance tuning'));?> ↗</a></li> <li><a target="_blank" rel="noreferrer" href="<?php p(link_to_docs('admin-performance')); ?>"><?php p($l->t('Performance tuning'));?> ↗</a></li>
<li><a target="_blank" href="<?php p(link_to_docs('admin-config')); ?>"><?php p($l->t('Improving the config.php'));?> ↗</a></li> <li><a target="_blank" rel="noreferrer" href="<?php p(link_to_docs('admin-config')); ?>"><?php p($l->t('Improving the config.php'));?> ↗</a></li>
<li><a target="_blank" href="<?php p(link_to_docs('developer-theming')); ?>"><?php p($l->t('Theming'));?> ↗</a></li> <li><a target="_blank" rel="noreferrer" href="<?php p(link_to_docs('developer-theming')); ?>"><?php p($l->t('Theming'));?> ↗</a></li>
<li><a target="_blank" href="<?php p(link_to_docs('admin-security')); ?>"><?php p($l->t('Hardening and security guidance'));?> ↗</a></li> <li><a target="_blank" rel="noreferrer" href="<?php p(link_to_docs('admin-security')); ?>"><?php p($l->t('Hardening and security guidance'));?> ↗</a></li>
</ul> </ul>
</div> </div>
@ -562,7 +562,7 @@ if ($_['cronErrors']) {
<div class="section"> <div class="section">
<h2><?php p($l->t('Version'));?></h2> <h2><?php p($l->t('Version'));?></h2>
<p><a href="<?php print_unescaped($theme->getBaseUrl()); ?>" target="_blank"><?php p($theme->getTitle()); ?></a> <?php p(OC_Util::getHumanVersion()) ?></p> <p><a href="<?php print_unescaped($theme->getBaseUrl()); ?>" rel="noreferrer" target="_blank"><?php p($theme->getTitle()); ?></a> <?php p(OC_Util::getHumanVersion()) ?></p>
<p><?php include('settings.development.notice.php'); ?></p> <p><?php include('settings.development.notice.php'); ?></p>
</div> </div>

8
settings/templates/apps.php
View File

@ -31,7 +31,7 @@ script(
<?php if($_['appstoreEnabled']): ?> <?php if($_['appstoreEnabled']): ?>
<li> <li>
<a class="app-external" target="_blank" href="https://owncloud.org/dev"><?php p($l->t('Developer documentation'));?> ↗</a> <a class="app-external" target="_blank" rel="noreferrer" href="https://owncloud.org/dev"><?php p($l->t('Developer documentation'));?> ↗</a>
</li> </li>
<?php endif; ?> <?php endif; ?>
</script> </script>
@ -53,7 +53,7 @@ script(
{{/if}} {{/if}}
<h2 class="app-name"> <h2 class="app-name">
{{#if detailpage}} {{#if detailpage}}
<a href="{{detailpage}}" target="_blank">{{name}}</a> <a href="{{detailpage}}" target="_blank" rel="noreferrer">{{name}}</a>
{{else}} {{else}}
{{name}} {{name}}
{{/if}} {{/if}}
@ -82,13 +82,13 @@ script(
<?php p($l->t("Documentation:"));?> <?php p($l->t("Documentation:"));?>
{{#if documentation.user}} {{#if documentation.user}}
<span class="userDocumentation"> <span class="userDocumentation">
<a id="userDocumentation" class="appslink" href="{{documentation.user}}" target="_blank"><?php p($l->t('User documentation'));?> ↗</a> <a id="userDocumentation" class="appslink" href="{{documentation.user}}" target="_blank" rel="noreferrer"><?php p($l->t('User documentation'));?> ↗</a>
</span> </span>
{{/if}} {{/if}}
{{#if documentation.admin}} {{#if documentation.admin}}
<span class="adminDocumentation"> <span class="adminDocumentation">
<a id="adminDocumentation" class="appslink" href="{{documentation.admin}}" target="_blank"><?php p($l->t('Admin documentation'));?> ↗</a> <a id="adminDocumentation" class="appslink" href="{{documentation.admin}}" target="_blank" rel="noreferrer"><?php p($l->t('Admin documentation'));?> ↗</a>
</span> </span>
{{/if}} {{/if}}
</p> </p>

6
settings/templates/personal.php
View File

@ -169,15 +169,15 @@ if($_['passwordChangeSupported']) {
<div id="clientsbox" class="section clientsbox"> <div id="clientsbox" class="section clientsbox">
<h2><?php p($l->t('Get the apps to sync your files'));?></h2> <h2><?php p($l->t('Get the apps to sync your files'));?></h2>
<a href="<?php p($_['clients']['desktop']); ?>" target="_blank"> <a href="<?php p($_['clients']['desktop']); ?>" rel="noreferrer" target="_blank">
<img src="<?php print_unescaped(OCP\Util::imagePath('core', 'desktopapp.svg')); ?>" <img src="<?php print_unescaped(OCP\Util::imagePath('core', 'desktopapp.svg')); ?>"
alt="<?php p($l->t('Desktop client'));?>" /> alt="<?php p($l->t('Desktop client'));?>" />
</a> </a>
<a href="<?php p($_['clients']['android']); ?>" target="_blank"> <a href="<?php p($_['clients']['android']); ?>" rel="noreferrer" target="_blank">
<img src="<?php print_unescaped(OCP\Util::imagePath('core', 'googleplay.png')); ?>" <img src="<?php print_unescaped(OCP\Util::imagePath('core', 'googleplay.png')); ?>"
alt="<?php p($l->t('Android app'));?>" /> alt="<?php p($l->t('Android app'));?>" />
</a> </a>
<a href="<?php p($_['clients']['ios']); ?>" target="_blank"> <a href="<?php p($_['clients']['ios']); ?>" rel="noreferrer" target="_blank">
<img src="<?php print_unescaped(OCP\Util::imagePath('core', 'appstore.svg')); ?>" <img src="<?php print_unescaped(OCP\Util::imagePath('core', 'appstore.svg')); ?>"
alt="<?php p($l->t('iOS app'));?>" /> alt="<?php p($l->t('iOS app'));?>" />
</a> </a>