Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Security: on target=_blank, we must have rel="noopener"

Browse Source
This commit is contained in:
Laurent Destailleur
2017-12-02 01:13:32 +01:00
parent 46b281f703
commit 0a73daba01
12 changed files with 161 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/core/boxes/modules_boxes.php
View File

@@ -260,7 +260,7 @@ class ModeleBoxes // Can't be abtract as it is instantiated to build "empty"
if (! empty($conf->use_javascript_ajax))
{
$sublink='';
if (! empty($head['sublink'])) $sublink.= '<a href="'.$head['sublink'].'"'.(empty($head['target'])?' target="_blank"':'').'>';
if (! empty($head['sublink'])) $sublink.= '<a href="'.$head['sublink'].'"'.(empty($head['target'])?'':' target="'.$head['target'].'"').'>';
if (! empty($head['subpicto'])) $sublink.= img_picto($head['subtext'], $head['subpicto'], 'class="'.(empty($head['subclass'])?'':$head['subclass']).'" id="idsubimg'.$this->boxcode.'"');
if (! empty($head['sublink'])) $sublink.= '</a>';