Pervent reverse tabnabbing in edx platform
This commit is contained in:
Awais Jibran
@@ -97,7 +97,10 @@ define([
|
||||
// general link management - new window/tab
|
||||
$('a[rel="external"]:not([title])')
|
||||
.attr('title', gettext('This link will open in a new browser window/tab'));
|
||||
$('a[rel="external"]').attr('target', '_blank');
|
||||
$('a[rel="external"]').attr({
|
||||
rel: 'noopener external',
|
||||
target: '_blank'
|
||||
});
|
||||
|
||||
// general link management - lean modal window
|
||||
$('a[rel="modal"]').attr('title', gettext('This link will open in a modal window')).leanModal({
|
||||
|
||||
@@ -144,7 +144,7 @@ from openedx.core.djangolib.markup import HTML, Text
|
||||
<p>${_("Confirm that you have properly configured content in each of your experiment groups.")}</p>
|
||||
</div>
|
||||
<div class="bit external-help">
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about component containers")}</a>
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about component containers")}</a>
|
||||
</div>
|
||||
% elif is_unit_page:
|
||||
<div id="publish-unit"></div>
|
||||
|
||||
@@ -148,7 +148,7 @@ from openedx.core.djangolib.js_utils import js_escaped_string
|
||||
</div>
|
||||
|
||||
<div class="bit external-help">
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about Course Re-runs")}</a>
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about Course Re-runs")}</a>
|
||||
</div>
|
||||
</aside>
|
||||
|
||||
|
||||
@@ -164,7 +164,7 @@ from django.core.urlresolvers import reverse
|
||||
<div style="width: 50%" class="status-studio-frontend">
|
||||
% endif
|
||||
<%static:studiofrontend entry="courseOutlineHealthCheck">
|
||||
<%
|
||||
<%
|
||||
course_key = context_course.id
|
||||
%>
|
||||
{
|
||||
@@ -188,7 +188,7 @@ from django.core.urlresolvers import reverse
|
||||
"settings": ${reverse('settings_handler', kwargs={'course_key_string': unicode(course_key)})| n, dump_js_escaped_json}
|
||||
}
|
||||
}
|
||||
</%static:studiofrontend>
|
||||
</%static:studiofrontend>
|
||||
</div>
|
||||
<div class="status-highlights-enabled"></div>
|
||||
</div>
|
||||
@@ -218,14 +218,14 @@ from django.core.urlresolvers import reverse
|
||||
<h3 class="title-3">${_("Reorganizing your course")}</h3>
|
||||
<p>${_("Drag sections, subsections, and units to new locations in the outline.")}</p>
|
||||
<div class="external-help">
|
||||
<a href="${get_online_help_info('outline')['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about the course outline")}</a>
|
||||
<a href="${get_online_help_info('outline')['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about the course outline")}</a>
|
||||
</div>
|
||||
</div>
|
||||
<div class="bit">
|
||||
<h3 class="title-3">${_("Setting release dates and grading policies")}</h3>
|
||||
<p>${_("Select the Configure icon for a section or subsection to set its release date. When you configure a subsection, you can also set the grading policy and due date.")}</p>
|
||||
<div class="external-help">
|
||||
<a href="${get_online_help_info('grading')['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about grading policy settings")}</a>
|
||||
<a href="${get_online_help_info('grading')['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about grading policy settings")}</a>
|
||||
</div>
|
||||
</div>
|
||||
<div class="bit">
|
||||
@@ -234,7 +234,7 @@ from django.core.urlresolvers import reverse
|
||||
<p>${Text(_("To make a section, subsection, or unit unavailable to learners, select the Configure icon for that level, then select the appropriate {em_start}Hide{em_end} option. Grades for hidden sections, subsections, and units are not included in grade calculations.")).format(em_start=HTML("<strong>"), em_end=HTML("</strong>"))}</p>
|
||||
<p>${Text(_("To hide the content of a subsection from learners after the subsection due date has passed, select the Configure icon for a subsection, then select {em_start}Hide content after due date{em_end}. Grades for the subsection remain included in grade calculations.")).format(em_start=HTML("<strong>"), em_end=HTML("</strong>"))}</p>
|
||||
<div class="external-help">
|
||||
<a href="${get_online_help_info('visibility')['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about content visibility settings")}</a>
|
||||
<a href="${get_online_help_info('visibility')['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about content visibility settings")}</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
@@ -235,7 +235,7 @@ else:
|
||||
<p>${_("Use an archive program to extract the data from the .tar.gz file. Extracted data includes the library.xml file, as well as subfolders that contain library content.")}</p>
|
||||
</div>
|
||||
<div class="bit external-help">
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about exporting a library")}</a>
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about exporting a library")}</a>
|
||||
</div>
|
||||
</aside>
|
||||
%else:
|
||||
@@ -269,7 +269,7 @@ else:
|
||||
<p>${_("Use an archive program to extract the data from the .tar.gz file. Extracted data includes the course.xml file, as well as subfolders that contain course content.")}</p>
|
||||
</div>
|
||||
<div class="bit external-help">
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about exporting a course")}</a>
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about exporting a course")}</a>
|
||||
</div>
|
||||
</aside>
|
||||
%endif
|
||||
|
||||
@@ -86,7 +86,7 @@ from openedx.core.djangolib.markup import HTML, Text
|
||||
<p>${_("Enrollment track groups allow you to offer different course content to learners in each enrollment track. Learners enrolled in each enrollment track in your course are automatically included in the corresponding enrollment track group.")}</p>
|
||||
<p>${_("On unit pages in the course outline, you can restrict access to components to learners based on their enrollment track.")}</p>
|
||||
<p>${_("You cannot edit enrollment track groups, but you can expand each group to view details of the course content that is designated for learners in the group.")}</p>
|
||||
<p><a href="${get_online_help_info(enrollment_track_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn More")}</a></p>
|
||||
<p><a href="${get_online_help_info(enrollment_track_help_token())['doc_url']} rel="noopener" target="_blank" class="button external-help-button">${_("Learn More")}</a></p>
|
||||
</div>
|
||||
</div>
|
||||
% endif
|
||||
@@ -96,7 +96,7 @@ from openedx.core.djangolib.markup import HTML, Text
|
||||
<p>${_("If you have cohorts enabled in your course, you can use content groups to create cohort-specific courseware. In other words, you can customize the content that particular cohorts see in your course.")}</p>
|
||||
<p>${_("Each content group that you create can be associated with one or more cohorts. In addition to making course content available to all learners, you can restrict access to some content to learners in specific content groups. Only learners in the cohorts that are associated with the specified content groups see the additional content.")}</p>
|
||||
<p>${Text(_("Click {em_start}New content group{em_end} to add a new content group. To edit the name of a content group, hover over its box and click {em_start}Edit{em_end}. You can delete a content group only if it is not in use by a unit. To delete a content group, hover over its box and click the delete icon.")).format(em_start=HTML("<strong>"), em_end=HTML("</strong>"))}</p>
|
||||
<p><a href="${get_online_help_info(content_groups_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn More")}</a></p>
|
||||
<p><a href="${get_online_help_info(content_groups_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn More")}</a></p>
|
||||
</div>
|
||||
</div>
|
||||
% if should_show_experiment_groups:
|
||||
@@ -105,7 +105,7 @@ from openedx.core.djangolib.markup import HTML, Text
|
||||
<h3 class="title-3">${_("Experiment Group Configurations")}</h3>
|
||||
<p>${_("Use experiment group configurations if you are conducting content experiments, also known as A/B testing, in your course. Experiment group configurations define how many groups of learners are in a content experiment. When you create a content experiment for a course, you select the group configuration to use.")}</p>
|
||||
<p>${Text(_("Click {em_start}New Group Configuration{em_end} to add a new configuration. To edit a configuration, hover over its box and click {em_start}Edit{em_end}. You can delete a group configuration only if it is not in use in an experiment. To delete a configuration, hover over its box and click the delete icon.")).format(em_start=HTML("<strong>"), em_end=HTML("</strong>"))}</p>
|
||||
<p><a href="${get_online_help_info(experiment_group_configurations_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn More")}</a></p>
|
||||
<p><a href="${get_online_help_info(experiment_group_configurations_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn More")}</a></p>
|
||||
</div>
|
||||
</div>
|
||||
% endif
|
||||
|
||||
@@ -213,7 +213,7 @@ else:
|
||||
<p>${_("If you change and import a library that is referenced by randomized content blocks in one or more courses, those courses do not automatically use the updated content. You must manually refresh the randomized content blocks to bring them up to date with the latest library content.")}</p>
|
||||
</div>
|
||||
<div class="bit external-help">
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about importing a library")}</a>
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about importing a library")}</a>
|
||||
</div>
|
||||
</aside>
|
||||
%else:
|
||||
@@ -245,7 +245,7 @@ else:
|
||||
<p>${_("If you perform an import while your course is running, and you change the URL names (or url_name nodes) of any Problem components, the student data associated with those Problem components may be lost. This data includes students' problem scores.")}</p>
|
||||
</div>
|
||||
<div class="bit external-help">
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about importing a course")}</a>
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about importing a course")}</a>
|
||||
</div>
|
||||
</aside>
|
||||
%endif
|
||||
|
||||
@@ -519,7 +519,7 @@ from openedx.core.djangolib.js_utils import (
|
||||
<ol class="list-actions">
|
||||
<li class="action-item">
|
||||
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" target="_blank">${_("Getting Started with {studio_name}").format(studio_name=settings.STUDIO_NAME)}</a>
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" rel="noopener" target="_blank">${_("Getting Started with {studio_name}").format(studio_name=settings.STUDIO_NAME)}</a>
|
||||
</li>
|
||||
</ol>
|
||||
</div>
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
<% if (support_legend.show_legend) { %>
|
||||
<span class="support-documentation">
|
||||
<a class="support-documentation-link"
|
||||
href="https://edx.readthedocs.io/projects/edx-partner-course-staff/en/latest/exercises_tools/create_exercises_and_tools.html#levels-of-support-for-tools" target="_blank">
|
||||
href="https://edx.readthedocs.io/projects/edx-partner-course-staff/en/latest/exercises_tools/create_exercises_and_tools.html#levels-of-support-for-tools" rel="noopener" target="_blank">
|
||||
<%- support_legend.documentation_label %>
|
||||
</a>
|
||||
<span class="support-documentation-level">
|
||||
|
||||
@@ -8,5 +8,5 @@
|
||||
<% } else { %>
|
||||
<button class="status-highlights-enabled-value button" aria-labelledby="highlights-enabled-label"><%- gettext('Enable Now') %></button>
|
||||
<% } %>
|
||||
<a class="status-highlights-enabled-info" href="<%- highlights_doc_url %>" target="_blank">Learn more</a>
|
||||
<a class="status-highlights-enabled-info" href="<%- highlights_doc_url %>" rel="noopener" target="_blank">Learn more</a>
|
||||
</div>
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
),
|
||||
{
|
||||
linkStart: edx.HtmlUtils.interpolateHtml(
|
||||
edx.HtmlUtils.HTML('<a href="{highlightsDocUrl}" target="_blank">'),
|
||||
edx.HtmlUtils.HTML('<a href="{highlightsDocUrl}" rel="noopener" target="_blank">'),
|
||||
{highlightsDocUrl: xblockInfo.attributes.highlights_doc_url}
|
||||
),
|
||||
linkEnd: edx.HtmlUtils.HTML('</a>')
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<%- gettext("License Type") %>
|
||||
</h3>
|
||||
<ul class="license-types">
|
||||
<% var link_start_tpl = '<a href="{url}" target="_blank">'; %>
|
||||
<% var link_start_tpl = '<a href="{url}" rel="noopener" target="_blank">'; %>
|
||||
<% _.each(licenseInfo, function(license, licenseType) { %>
|
||||
<li class="license-type" data-license="<%- licenseType %>">
|
||||
<button name="license-<%- licenseType %>"
|
||||
|
||||
@@ -98,7 +98,7 @@ from openedx.core.djangolib.markup import HTML, Text
|
||||
</div>
|
||||
% endif
|
||||
<div class="bit external-help">
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about content libraries")}</a>
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about content libraries")}</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -67,7 +67,7 @@ CMS.URL.LMS_BASE = "${settings.LMS_BASE | n, js_escaped_string}"
|
||||
</div>
|
||||
|
||||
<div class="bit external-help">
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" target="_blank" class="button external-help-button">${_("Learn more about textbooks")}</a>
|
||||
<a href="${get_online_help_info(online_help_token())['doc_url']}" rel="noopener" target="_blank" class="button external-help-button">${_("Learn more about textbooks")}</a>
|
||||
</div>
|
||||
</aside>
|
||||
</section>
|
||||
|
||||
@@ -41,7 +41,7 @@
|
||||
<h3 class="title">Course Summary Page <span class="tip">(for student enrollment and access)</span></h3>
|
||||
<div class="copy">
|
||||
|
||||
<p><a class="link-courseURL" rel="external" href="http://localhost:8000/courses/course-v1:AndyA+AA101+1/about" title="This link will open in a new browser window/tab" target="_blank">http://localhost:8000/courses/course-v1:AndyA+AA101+1/about</a></p>
|
||||
<p><a class="link-courseURL" rel="external" href="http://localhost:8000/courses/course-v1:AndyA+AA101+1/about" title="This link will open in a new browser window/tab" rel="noopener" target="_blank">http://localhost:8000/courses/course-v1:AndyA+AA101+1/about</a></p>
|
||||
</div>
|
||||
|
||||
<ul class="list-actions">
|
||||
@@ -351,7 +351,7 @@
|
||||
<label class="sr" for="course-overview-cm-textarea">
|
||||
HTML Code Editor
|
||||
</label>
|
||||
<span class="tip tip-stacked">Introductions, prerequisites, FAQs that are used on <a class="link-courseURL" rel="external" href="http://localhost:8000/courses/course-v1:AndyA+AA101+1/about" title="This link will open in a new browser window/tab" target="_blank">your course summary page</a> (formatted in HTML)</span>
|
||||
<span class="tip tip-stacked">Introductions, prerequisites, FAQs that are used on <a class="link-courseURL" rel="external" href="http://localhost:8000/courses/course-v1:AndyA+AA101+1/about" title="This link will open in a new browser window/tab" rel="noopener" target="_blank">your course summary page</a> (formatted in HTML)</span>
|
||||
</li>
|
||||
|
||||
<li class="field image" id="field-course-image">
|
||||
@@ -465,7 +465,7 @@
|
||||
</button>
|
||||
<p class="tip">
|
||||
|
||||
<a href="https://creativecommons.org/about" target="_blank">
|
||||
<a href="https://creativecommons.org/about" rel="noopener" target="_blank">
|
||||
Learn more about Creative Commons
|
||||
</a>
|
||||
|
||||
|
||||
@@ -220,7 +220,7 @@
|
||||
<h2 class="sr-only">${_("Account Navigation")}</h2>
|
||||
<ol>
|
||||
<li class="nav-item nav-account-help">
|
||||
<h3 class="title"><span class="label"><a href="${get_online_help_info(online_help_token)['doc_url']}" title="${_('Contextual Online Help')}" target="_blank">${_("Help")}</a></span></h3>
|
||||
<h3 class="title"><span class="label"><a href="${get_online_help_info(online_help_token)['doc_url']}" title="${_('Contextual Online Help')}" rel="noopener" target="_blank">${_("Help")}</a></span></h3>
|
||||
</li>
|
||||
<li class="nav-item nav-account-user">
|
||||
<%include file="user_dropdown.html" args="online_help_token=online_help_token" />
|
||||
@@ -236,7 +236,7 @@
|
||||
<h2 class="sr-only">${_("Account Navigation")}</h2>
|
||||
<ol>
|
||||
<li class="nav-item nav-not-signedin-help">
|
||||
<a href="${get_online_help_info(online_help_token)['doc_url']}" title="${_('Contextual Online Help')}" target="_blank">${_("Help")}</a>
|
||||
<a href="${get_online_help_info(online_help_token)['doc_url']}" title="${_('Contextual Online Help')}" rel="noopener" target="_blank">${_("Help")}</a>
|
||||
</li>
|
||||
% if static.get_value('ALLOW_PUBLIC_ACCOUNT_CREATION', settings.FEATURES.get('ALLOW_PUBLIC_ACCOUNT_CREATION')):
|
||||
<li class="nav-item nav-not-signedin-signup">
|
||||
|
||||
@@ -85,7 +85,7 @@ from openedx.core.djangolib.markup import HTML, Text
|
||||
log = logging.getLogger(__name__)
|
||||
|
||||
DOCS_ANCHOR_TAG_OPEN = (
|
||||
"<a target='_blank' "
|
||||
"<a rel='noopener' target='_blank' "
|
||||
"href='https://edx.readthedocs.io/projects/edx-partner-course-staff/en/latest/exercises_tools/lti_component.html'>"
|
||||
)
|
||||
BREAK_TAG = '<br />'
|
||||
|
||||
@@ -92,14 +92,14 @@ class TestInstructorDashboard(ModuleStoreTestCase, LoginEnrollmentTestCase, XssT
|
||||
Returns expected dashboard enrollment message with link to Insights.
|
||||
"""
|
||||
return u'Enrollment data is now available in <a href="http://example.com/courses/{}" ' \
|
||||
'target="_blank">Example</a>.'.format(text_type(self.course.id))
|
||||
'rel="noopener" target="_blank">Example</a>.'.format(text_type(self.course.id))
|
||||
|
||||
def get_dashboard_analytics_message(self):
|
||||
"""
|
||||
Returns expected dashboard demographic message with link to Insights.
|
||||
"""
|
||||
return u'For analytics about your course, go to <a href="http://example.com/courses/{}" ' \
|
||||
'target="_blank">Example</a>.'.format(text_type(self.course.id))
|
||||
'rel="noopener" target="_blank">Example</a>.'.format(text_type(self.course.id))
|
||||
|
||||
def test_instructor_tab(self):
|
||||
"""
|
||||
|
||||
@@ -140,7 +140,7 @@ def instructor_dashboard_2(request, course_id):
|
||||
if show_analytics_dashboard_message(course_key):
|
||||
# Construct a URL to the external analytics dashboard
|
||||
analytics_dashboard_url = '{0}/courses/{1}'.format(settings.ANALYTICS_DASHBOARD_URL, six.text_type(course_key))
|
||||
link_start = HTML(u"<a href=\"{}\" target=\"_blank\">").format(analytics_dashboard_url)
|
||||
link_start = HTML(u"<a href=\"{}\" rel=\"noopener\" target=\"_blank\">").format(analytics_dashboard_url)
|
||||
analytics_dashboard_message = _(
|
||||
u"To gain insights into student enrollment and participation {link_start}"
|
||||
u"visit {analytics_dashboard_name}, our new course analytics product{link_end}."
|
||||
@@ -773,7 +773,7 @@ def _section_send_email(course, access):
|
||||
def _get_dashboard_link(course_key):
|
||||
""" Construct a URL to the external analytics dashboard """
|
||||
analytics_dashboard_url = u'{0}/courses/{1}'.format(settings.ANALYTICS_DASHBOARD_URL, six.text_type(course_key))
|
||||
link = HTML(u"<a href=\"{0}\" target=\"_blank\">{1}</a>").format(
|
||||
link = HTML(u"<a href=\"{0}\" rel=\"noopener\" target=\"_blank\">{1}</a>").format(
|
||||
analytics_dashboard_url, settings.ANALYTICS_DASHBOARD_NAME
|
||||
)
|
||||
return link
|
||||
|
||||
@@ -504,7 +504,7 @@
|
||||
cssClass: 'file-download-link',
|
||||
formatter: function(row, cell, value, columnDef, dataContext) {
|
||||
return edx.HtmlUtils.joinHtml(edx.HtmlUtils.HTML(
|
||||
'<a target="_blank" href="'), dataContext.url,
|
||||
'<a rel="noopener" target="_blank" href="'), dataContext.url,
|
||||
edx.HtmlUtils.HTML('">'), dataContext.name,
|
||||
edx.HtmlUtils.HTML('</a>'));
|
||||
}
|
||||
|
||||
@@ -41,7 +41,7 @@ export class StudentAccountDeletion extends React.Component {
|
||||
const loseAccessText = StringUtils.interpolate(
|
||||
gettext('You may also lose access to verified certificates and other program credentials like MicroMasters certificates. If you want to make a copy of these for your records before proceeding with deletion, follow the instructions for {htmlStart}printing or downloading a certificate{htmlEnd}.'),
|
||||
{
|
||||
htmlStart: '<a href="https://edx.readthedocs.io/projects/edx-guide-for-students/en/latest/SFD_certificates.html#printing-a-certificate" target="_blank">',
|
||||
htmlStart: '<a href="https://edx.readthedocs.io/projects/edx-guide-for-students/en/latest/SFD_certificates.html#printing-a-certificate" rel="noopener" target="_blank">',
|
||||
htmlEnd: '</a>',
|
||||
},
|
||||
);
|
||||
@@ -51,7 +51,7 @@ export class StudentAccountDeletion extends React.Component {
|
||||
const socialAuthError = StringUtils.interpolate(
|
||||
gettext('Before proceeding, please {htmlStart}unlink all social media accounts{htmlEnd}.'),
|
||||
{
|
||||
htmlStart: '<a href="https://support.edx.org/hc/en-us/articles/207206067" target="_blank">',
|
||||
htmlStart: '<a href="https://support.edx.org/hc/en-us/articles/207206067" rel="noopener" target="_blank">',
|
||||
htmlEnd: '</a>',
|
||||
},
|
||||
);
|
||||
@@ -59,7 +59,7 @@ export class StudentAccountDeletion extends React.Component {
|
||||
const activationError = StringUtils.interpolate(
|
||||
gettext('Before proceeding, please {htmlStart}activate your account{htmlEnd}.'),
|
||||
{
|
||||
htmlStart: '<a href="https://support.edx.org/hc/en-us/articles/115000940568-How-do-I-activate-my-account-" target="_blank">',
|
||||
htmlStart: '<a href="https://support.edx.org/hc/en-us/articles/115000940568-How-do-I-activate-my-account-" rel="noopener" target="_blank">',
|
||||
htmlEnd: '</a>',
|
||||
},
|
||||
);
|
||||
@@ -67,7 +67,7 @@ export class StudentAccountDeletion extends React.Component {
|
||||
const changeAcctInfoText = StringUtils.interpolate(
|
||||
gettext('{htmlStart}Want to change your email, name, or password instead?{htmlEnd}'),
|
||||
{
|
||||
htmlStart: '<a href="https://support.edx.org/hc/en-us/sections/115004139268-Manage-Your-Account-Settings" target="_blank">',
|
||||
htmlStart: '<a href="https://support.edx.org/hc/en-us/sections/115004139268-Manage-Your-Account-Settings" rel="noopener" target="_blank">',
|
||||
htmlEnd: '</a>',
|
||||
},
|
||||
);
|
||||
|
||||
@@ -96,7 +96,7 @@ class StudentAccountDeletionConfirmationModal extends React.Component {
|
||||
const loseAccessText = StringUtils.interpolate(
|
||||
gettext('You may also lose access to verified certificates and other program credentials like MicroMasters certificates. If you want to make a copy of these for your records before proceeding with deletion, follow the instructions for {htmlStart}printing or downloading a certificate{htmlEnd}.'),
|
||||
{
|
||||
htmlStart: '<a href="https://edx.readthedocs.io/projects/edx-guide-for-students/en/latest/SFD_certificates.html#printing-a-certificate" target="_blank">',
|
||||
htmlStart: '<a href="https://edx.readthedocs.io/projects/edx-guide-for-students/en/latest/SFD_certificates.html#printing-a-certificate" rel="noopener" target="_blank">',
|
||||
htmlEnd: '</a>',
|
||||
},
|
||||
);
|
||||
|
||||
@@ -262,7 +262,7 @@
|
||||
$('label a').click(function(ev) {
|
||||
ev.stopPropagation();
|
||||
ev.preventDefault();
|
||||
window.open($(this).attr('href'), $(this).attr('target'));
|
||||
window.open($(this).attr('href'), $(this).attr('target'), 'noopener');
|
||||
});
|
||||
$('.form-field').each(function() {
|
||||
$(this).find('option:first').html('');
|
||||
|
||||
@@ -25,7 +25,7 @@ from openedx.core.djangolib.js_utils import js_escaped_string
|
||||
<h1 id="api-header">${catalog.name}</h1>
|
||||
|
||||
<p>
|
||||
<a href="${'{root}/{id}/csv/'.format(root=catalog_api_catalog_endpoint, id=catalog.id)}" target="_blank">
|
||||
<a href="${'{root}/{id}/csv/'.format(root=catalog_api_catalog_endpoint, id=catalog.id)}" rel="noopener" target="_blank">
|
||||
${_("Download CSV")}
|
||||
</a>
|
||||
</p>
|
||||
|
||||
@@ -28,7 +28,7 @@ CatalogPreviewFactory({
|
||||
<li>
|
||||
<a href="${reverse('api_admin:catalog-edit', args=(catalog.id,))}">${catalog.name}</a>
|
||||
(<a
|
||||
href="${'{root}/{id}/csv/'.format(root=catalog_api_catalog_endpoint, id=catalog.id)}"
|
||||
href="${'{root}/{id}/csv/'.format(root=catalog_api_catalog_endpoint, id=catalog.id)}" rel="noopener"
|
||||
target="_blank">${_("Download CSV")}</a>)
|
||||
</li>
|
||||
% endfor
|
||||
|
||||
@@ -25,7 +25,7 @@ from openedx.core.djangolib.js_utils import js_escaped_string
|
||||
social_network: 'LinkedIn'
|
||||
};
|
||||
Logger.log('edx.certificate.shared', data);
|
||||
window.open('${linked_in_url | n, js_escaped_string}');
|
||||
window.open('${linked_in_url | n, js_escaped_string}', '', 'noopener');
|
||||
});
|
||||
});
|
||||
|
||||
@@ -33,7 +33,9 @@ from openedx.core.djangolib.js_utils import js_escaped_string
|
||||
// popup a window at center of the screen.
|
||||
var left = (screen.width/2)-(width/2);
|
||||
var top = (screen.height/2)-(height/2);
|
||||
return window.open(url, title, 'toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=yes, width='+width+', height='+height+', top='+top+', left='+left);
|
||||
var popupWindow = window.open(url, title, 'toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=yes, width='+width+', height='+height+', top='+top+', left='+left);
|
||||
popupWindow.opener = null;
|
||||
return popupWindow;
|
||||
}
|
||||
</script>
|
||||
</%block>
|
||||
|
||||
@@ -13,9 +13,9 @@
|
||||
<hr class="modal-hr"/>
|
||||
<img class="backpack-logo" src="${static.url('certificates/images/backpack-logo.png')}">
|
||||
<ol class="badges-steps">
|
||||
<li class="step">Create a <a href="https://backpack.openbadges.org/" target="_blank">Mozilla Backpack</a> account, or log in to your existing account
|
||||
<li class="step">Create a <a href="https://backpack.openbadges.org/" rel="noopener" target="_blank">Mozilla Backpack</a> account, or log in to your existing account
|
||||
</li>
|
||||
<li class="step"><a href="${badge.image_url}" target="_blank">Download this image (right-click, save as)</a> and then <a href="https://backpack.openbadges.org/backpack/add" target="_blank">upload</a> it to your backpack.</li>
|
||||
<li class="step"><a href="${badge.image_url}" rel="noopener" target="_blank">Download this image (right-click, save as)</a> and then <a href="https://backpack.openbadges.org/backpack/add" target="_blank">upload</a> it to your backpack.</li>
|
||||
</ol>
|
||||
<div class="image-container">
|
||||
<img class="badges-backpack-example" src="${static.url('certificates/images/backpack-ui.png')}">
|
||||
|
||||
@@ -80,9 +80,9 @@ username = get_enterprise_learner_generic_name(request) or student.username
|
||||
</div>
|
||||
<div class="msg-actions">
|
||||
%if certificate_data.cert_web_view_url:
|
||||
<a class="btn" href="${certificate_data.cert_web_view_url}" target="_blank">${_("View Certificate")} <span class="sr">${_("Opens in a new browser window")}</span></a>
|
||||
<a class="btn" href="${certificate_data.cert_web_view_url}" rel="noopener" target="_blank">${_("View Certificate")} <span class="sr">${_("Opens in a new browser window")}</span></a>
|
||||
%elif certificate_data.cert_status == CertificateStatuses.downloadable and certificate_data.download_url:
|
||||
<a class="btn" href="${certificate_data.download_url}" target="_blank">${_("Download Your Certificate")} <span class="sr">${_("Opens in a new browser window")}</span></a>
|
||||
<a class="btn" href="${certificate_data.download_url}" rel="noopener" target="_blank">${_("Download Your Certificate")} <span class="sr">${_("Opens in a new browser window")}</span></a>
|
||||
%elif certificate_data.cert_status == CertificateStatuses.requesting:
|
||||
<button class="btn generate_certs" data-endpoint="${post_url}" id="btn_generate_cert">${_('Request Certificate')}</button>
|
||||
%endif
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
<table>
|
||||
<tr>
|
||||
<td class="cn-img-wrapper">
|
||||
<a target="_blank" title="" href="#">
|
||||
<a rel="noopener" target="_blank" title="" href="#">
|
||||
<img class="cn-img" src="cid:${branded_logo}">
|
||||
</a>
|
||||
</td>
|
||||
|
||||
@@ -297,7 +297,7 @@ from student.models import CourseEnrollment
|
||||
<li class="order-history">
|
||||
<span class="title">${_("Order History")}</span>
|
||||
% for order_history_item in order_history_list:
|
||||
<span><a href="${order_history_item['receipt_url']}" target="_blank" class="edit-name">${order_history_item['order_date']}</a></span>
|
||||
<span><a href="${order_history_item['receipt_url']}" rel="noopener" target="_blank" class="edit-name">${order_history_item['order_date']}</a></span>
|
||||
% endfor
|
||||
</li>
|
||||
% endif
|
||||
|
||||
@@ -82,7 +82,7 @@ else:
|
||||
</li>
|
||||
% elif cert_status['status'] == 'downloadable' and cert_status.get('show_cert_web_view', False):
|
||||
<li class="action action-certificate">
|
||||
<a class="btn" href="${cert_status['cert_web_view_url']}" target="_blank"
|
||||
<a class="btn" href="${cert_status['cert_web_view_url']}" rel="noopener" target="_blank"
|
||||
title="${_('This link will open the certificate web view')}">
|
||||
${_("View {cert_name_short}").format(cert_name_short=cert_name_short,)}
|
||||
</a>
|
||||
@@ -123,7 +123,7 @@ else:
|
||||
% if cert_status['status'] == 'downloadable' and cert_status['linked_in_url']:
|
||||
<ul class="actions actions-secondary">
|
||||
<li class="action action-share">
|
||||
<a class="action-linkedin-profile" target="_blank" href="${cert_status['linked_in_url']}"
|
||||
<a class="action-linkedin-profile" rel="noopener" target="_blank" href="${cert_status['linked_in_url']}"
|
||||
title="${_('Add Certificate to LinkedIn Profile')}"
|
||||
data-course-id="${course_overview.id}"
|
||||
data-certificate-mode="${cert_status['mode']}"
|
||||
|
||||
@@ -236,10 +236,11 @@ from util.course import get_link_for_about_page, get_encoded_course_sharing_utm_
|
||||
data-trigger="focus hover"
|
||||
class="action action-facebook"
|
||||
href="${facebook_url}"
|
||||
rel="noopener"
|
||||
target="_blank"
|
||||
title="${_('Share on Facebook')}"
|
||||
data-course-id="${course_overview.id}"
|
||||
onclick="window.open('${facebook_url}', '${share_window_name}', '${share_window_config}'); return false;">
|
||||
onclick="var popupWindow = window.open('${facebook_url}', '${share_window_name}', '${share_window_config}'); popupWindow.opener = null; return false;">
|
||||
<span class="sr">${share_msg}</span>
|
||||
<span class="fa fa-facebook" aria-hidden="true"></span>
|
||||
</a>
|
||||
@@ -257,10 +258,11 @@ from util.course import get_link_for_about_page, get_encoded_course_sharing_utm_
|
||||
data-trigger="focus hover"
|
||||
class="action action-twitter"
|
||||
href="${twitter_url}"
|
||||
rel="noopener"
|
||||
target="_blank"
|
||||
title="${_('Share on Twitter')}"
|
||||
data-course-id="${course_overview.id}"
|
||||
onclick="window.open('${twitter_url}', '${share_window_name}', '${share_window_config}'); return false;">
|
||||
onclick="var popupWindow = window.open('${twitter_url}', '${share_window_name}', '${share_window_config}'); popupWindow.opener = null; return false;">
|
||||
<span class="sr">${share_msg}</span>
|
||||
<span class="fa fa-twitter" aria-hidden="true"></span>
|
||||
</a>
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
|
||||
% if credit_status["eligible"]:
|
||||
<%
|
||||
provider_link = HTML('<a href="{href}" target="_blank">{name}</a>').format(
|
||||
provider_link = HTML('<a href="{href}" rel="noopener" target="_blank">{name}</a>').format(
|
||||
href=credit_status["provider_status_url"],
|
||||
name=credit_status["provider_name"])
|
||||
|
||||
@@ -85,7 +85,7 @@
|
||||
</p>
|
||||
<div class="credit-action">
|
||||
% if credit_btn_label:
|
||||
<a class="btn credit-btn ${credit_btn_class}" href="${credit_btn_href}" target="_blank" data-course-key="${credit_status['course_key']}" data-user="${user.username}" data-provider="${credit_status['provider_id']}">
|
||||
<a class="btn credit-btn ${credit_btn_class}" href="${credit_btn_href}" rel="noopener" target="_blank" data-course-key="${credit_status['course_key']}" data-user="${user.username}" data-provider="${credit_status['provider_id']}">
|
||||
${credit_btn_label}
|
||||
</a>
|
||||
% endif
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
<span class="u-field-order-price"><span class="sr"><%- gettext('Cost') %>: </span><% if (!isNaN(parseFloat(totalPrice))) { %>$<% } %><%- totalPrice %></span>
|
||||
<span class="u-field-order-link">
|
||||
<% if (receiptUrl) { %>
|
||||
<a class="u-field-link" target="_blank" href="<%- receiptUrl %>"><%- gettext('Order Details') %><span class="sr"> <%- gettext('for') %> <%- orderId %></span></a>
|
||||
<a class="u-field-link" target="_blank" rel="noopener" href="<%- receiptUrl %>"><%- gettext('Order Details') %><span class="sr"> <%- gettext('for') %> <%- orderId %></span></a>
|
||||
<% } %>
|
||||
</span>
|
||||
<% _.each(lines, function(item){ %>
|
||||
|
||||
@@ -81,8 +81,8 @@ from openedx.core.djangoapps.site_configuration import helpers as configuration_
|
||||
<div class="ie-banner" aria-hidden="true">${Text(_('{begin_strong}Warning:{end_strong} Your browser is not fully supported. We strongly recommend using {chrome_link} or {ff_link}.')).format(
|
||||
begin_strong=HTML('<strong>'),
|
||||
end_strong=HTML('</strong>'),
|
||||
chrome_link=HTML('<a href="https://www.google.com/chrome" target="_blank">Chrome</a>'),
|
||||
ff_link=HTML('<a href="http://www.mozilla.org/firefox" target="_blank">Firefox</a>'),
|
||||
chrome_link=HTML('<a href="https://www.google.com/chrome" rel="noopener" target="_blank">Chrome</a>'),
|
||||
ff_link=HTML('<a href="http://www.mozilla.org/firefox" rel="noopener" target="_blank">Firefox</a>'),
|
||||
)}</div>
|
||||
<![endif]-->
|
||||
% endif
|
||||
|
||||
@@ -68,7 +68,7 @@ from openedx.core.djangoapps.site_configuration import helpers as configuration_
|
||||
</div>
|
||||
% endif
|
||||
<div class="mobile-nav-item hidden-mobile nav-item">
|
||||
<a class="help-link" href="${help_link}" target="_blank">${_("Help")}</a>
|
||||
<a class="help-link" href="${help_link}" rel="noopener" target="_blank">${_("Help")}</a>
|
||||
</div>
|
||||
<%include file="user_dropdown.html"/>
|
||||
</div>
|
||||
|
||||
@@ -12,10 +12,10 @@
|
||||
<div class="setup-value">
|
||||
<% if (cohort.get('assignment_type') == "manual") { %>
|
||||
<%- gettext("Learners are added to this cohort only when you provide their email addresses or usernames on this page.") %>
|
||||
<a href="/help_token/cohortmanual" class="incontext-help action-secondary action-help" target="_blank"><%- gettext("What does this mean?") %></a>
|
||||
<a href="/help_token/cohortmanual" class="incontext-help action-secondary action-help" rel="noopener" target="_blank"><%- gettext("What does this mean?") %></a>
|
||||
<% } else { %>
|
||||
<%- gettext("Learners are added to this cohort automatically.") %>
|
||||
<a href="/help_token/cohortautomatic" class="incontext-help action-secondary action-help" target="_blank"><%- gettext("What does this mean?") %></a>
|
||||
<a href="/help_token/cohortautomatic" class="incontext-help action-secondary action-help" rel="noopener" target="_blank"><%- gettext("What does this mean?") %></a>
|
||||
<% } %>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -11,7 +11,7 @@ from openedx.core.djangolib.markup import HTML, Text
|
||||
<p>
|
||||
<em>
|
||||
${Text(_("For analytics about your course, go to {link_start}{analytics_dashboard_name}{link_end}.")).format(
|
||||
link_start=HTML('<a href="{dashboard_url}" target="_blank">').format(
|
||||
link_start=HTML('<a href="{dashboard_url}" rel="noopener" target="_blank">').format(
|
||||
dashboard_url=escape_uri_path('{base_url}/courses/{course_id}'.format(
|
||||
base_url=settings.ANALYTICS_DASHBOARD_URL,
|
||||
course_id=section_data['course_id'],
|
||||
|
||||
@@ -33,7 +33,7 @@ from openedx.core.djangolib.js_utils import js_escaped_string, dump_js_escaped_j
|
||||
// new window/tab opening
|
||||
$('a[rel="external"], a[class="new-vp"]')
|
||||
.click( function() {
|
||||
window.open( $(this).attr('href') );
|
||||
window.open( $(this).attr('href'), '', 'noopener' );
|
||||
return false;
|
||||
});
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ from django.utils.translation import ugettext as _
|
||||
% if description:
|
||||
<div class="lti-description">${description}</div>
|
||||
% endif
|
||||
<p class="lti-link external"><a target="_blank" class="link_lti_new_window" href="${form_url}">
|
||||
<p class="lti-link external"><a target="_blank" class="link_lti_new_window" rel="noopener" href="${form_url}">
|
||||
${button_text or _('View resource in a new window')}
|
||||
<span class="icon fa fa-external-link" aria-hidden="true"></span>
|
||||
</a></p>
|
||||
|
||||
@@ -65,7 +65,8 @@ from django.utils.translation import ugettext as _
|
||||
|
||||
<li class="nav-item mt-2 nav-item-open-collapsed">
|
||||
<a href="${get_online_help_info(online_help_token)['doc_url']}"
|
||||
target="_blank"
|
||||
rel="noopener"
|
||||
target="_blank"
|
||||
class="nav-link">${_("Help")}</a>
|
||||
</li>
|
||||
|
||||
|
||||
@@ -42,6 +42,7 @@ from django.utils.translation import ugettext as _
|
||||
<%include file="../user_dropdown.html"/>
|
||||
|
||||
<a href="${get_online_help_info(online_help_token)['doc_url']}"
|
||||
rel="noopener"
|
||||
target="_blank"
|
||||
class="doc-link">${_("Help")}</a>
|
||||
|
||||
|
||||
@@ -93,8 +93,8 @@ from openedx.core.djangoapps.lang_pref.api import header_language_selector_is_en
|
||||
<div class="ie-banner" aria-hidden="true">${Text(_('{begin_strong}Warning:{end_strong} Your browser is not fully supported. We strongly recommend using {chrome_link} or {ff_link}.')).format(
|
||||
begin_strong=HTML('<strong>'),
|
||||
end_strong=HTML('</strong>'),
|
||||
chrome_link=HTML('<a href="https://www.google.com/chrome" target="_blank">Chrome</a>'),
|
||||
ff_link=HTML('<a href="http://www.mozilla.org/firefox" target="_blank">Firefox</a>'),
|
||||
chrome_link=HTML('<a href="https://www.google.com/chrome" rel="noopener" target="_blank">Chrome</a>'),
|
||||
ff_link=HTML('<a href="http://www.mozilla.org/firefox" rel="noopener" target="_blank">Firefox</a>'),
|
||||
)}</div>
|
||||
<![endif]-->
|
||||
% endif
|
||||
|
||||
@@ -28,7 +28,7 @@ import calendar
|
||||
// new window/tab opening
|
||||
$('a[rel="external"], a[class="new-vp"]')
|
||||
.click( function() {
|
||||
window.open( $(this).attr('href') );
|
||||
window.open( $(this).attr('href'), '', 'noopener' );
|
||||
return false;
|
||||
});
|
||||
|
||||
|
||||
@@ -29,7 +29,7 @@ import calendar
|
||||
// new window/tab opening
|
||||
$('a[rel="external"], a[class="new-vp"]')
|
||||
.click( function() {
|
||||
window.open( $(this).attr('href') );
|
||||
window.open( $(this).attr('href'), '', 'noopener' );
|
||||
return false;
|
||||
});
|
||||
|
||||
|
||||
@@ -134,7 +134,7 @@ import calendar
|
||||
<label data-field="terms_of_service" class="terms-of-service" for="signup_tos">
|
||||
<input id="signup_tos" name="terms_of_service" type="checkbox" value="true">
|
||||
${Text(_('I agree to the {link_start}Terms of Service{link_end}')).format(
|
||||
link_start=HTML('<a href="{url}" target="_blank">').format(url=reverse('tos')),
|
||||
link_start=HTML('<a href="{url}" rel="noopener" target="_blank">').format(url=reverse('tos')),
|
||||
link_end=HTML('</a>'))} *
|
||||
</label>
|
||||
|
||||
@@ -142,7 +142,7 @@ import calendar
|
||||
<label data-field="honor_code" class="honor-code" for="signup_honor">
|
||||
<input id="signup_honor" name="honor_code" type="checkbox" value="true">
|
||||
${Text(_('I agree to the {link_start}Honor Code{link_end}')).format(
|
||||
link_start=HTML('<a href="{url}" target="_blank">').format(url=reverse('honor')),
|
||||
link_start=HTML('<a href="{url}" rel="noopener" target="_blank">').format(url=reverse('honor')),
|
||||
link_end=HTML('</a>'))} *
|
||||
</label>
|
||||
% endif
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<span><%= HtmlUtils.ensureHtml(message) %></span>
|
||||
<div class="alert-actions">
|
||||
<button class="btn-alert-primary" data-old-lang-code="<%- oldLangCode %>"><%- gettext('Switch Language Back') %></button>
|
||||
<a href="<%- helpTranslateLink %>" target="_blank" class="btn-alert-secondary"><%= HtmlUtils.ensureHtml(helpTranslateText) %></a>
|
||||
<a href="<%- helpTranslateLink %>" rel="noopener" target="_blank" class="btn-alert-secondary"><%= HtmlUtils.ensureHtml(helpTranslateText) %></a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
</label>
|
||||
<% if (supplementalLink && supplementalText) { %>
|
||||
<div class="supplemental-link">
|
||||
<a href="<%- supplementalLink %>" target="_blank"><%- supplementalText %></a>
|
||||
<a href="<%- supplementalLink %>" rel="noopener" target="_blank"><%- supplementalText %></a>
|
||||
</div>
|
||||
<% } %>
|
||||
<% } %>
|
||||
@@ -45,7 +45,7 @@
|
||||
<% if ( instructions ) { %> <span class="tip tip-input" id="<%- form %>-<%- name %>-desc"><%- instructions %></span><% } %>
|
||||
<% if (supplementalLink && supplementalText) { %>
|
||||
<div class="supplemental-link">
|
||||
<a href="<%- supplementalLink %>" target="_blank"><%- supplementalText %></a>
|
||||
<a href="<%- supplementalLink %>" rel="noopener" target="_blank"><%- supplementalText %></a>
|
||||
</div>
|
||||
<% } %>
|
||||
<% } else if ( type === 'textarea' ) { %>
|
||||
@@ -71,7 +71,7 @@
|
||||
<% if ( instructions ) { %> <span class="tip tip-input" id="<%- form %>-<%- name %>-desc"><%- instructions %></span><% } %>
|
||||
<% if (supplementalLink && supplementalText) { %>
|
||||
<div class="supplemental-link">
|
||||
<a href="<%- supplementalLink %>" target="_blank"><%- supplementalText %></a>
|
||||
<a href="<%- supplementalLink %>" rel="noopener" target="_blank"><%- supplementalText %></a>
|
||||
</div>
|
||||
<% } %>
|
||||
<% } else if (type === 'plaintext' ) { %>
|
||||
@@ -86,7 +86,7 @@
|
||||
<% if ( type === 'checkbox' ) { %>
|
||||
<% if (supplementalLink && supplementalText) { %>
|
||||
<div class="supplemental-link">
|
||||
<a href="<%- supplementalLink %>" target="_blank"><%- supplementalText %></a>
|
||||
<a href="<%- supplementalLink %>" rel="noopener" target="_blank"><%- supplementalText %></a>
|
||||
</div>
|
||||
<% } %>
|
||||
<% } %>
|
||||
|
||||
@@ -26,7 +26,7 @@
|
||||
|
||||
<ul>
|
||||
{% for child in delete_children %}
|
||||
<li><a href="{% url 'wiki:get' article_id=child.article.id %}" target="_blank">{{ child.article }}</a></li>
|
||||
<li><a href="{% url 'wiki:get' article_id=child.article.id %}" rel="noopener" target="_blank">{{ child.article }}</a></li>
|
||||
{% if delete_children_more %}
|
||||
<li><em>{% trans "...and more!" as tmsg%}{{tmsg|force_escape}}</em></li>
|
||||
{% endif %}
|
||||
|
||||
@@ -15,9 +15,9 @@
|
||||
<p>{% trans "This wiki uses {start_strong}Markdown{end_strong} for styling. There are several useful guides online. See any of the links below for in-depth details:" as tmsg%}
|
||||
{% interpolate_html tmsg start_strong='<strong>'|safe end_strong='</strong>'|safe %}</p>
|
||||
<ul>
|
||||
<li><a href="http://daringfireball.net/projects/markdown/basics" target="_blank">{% trans 'Markdown: Basics' as tmsg %}{{tmsg|force_escape}}</a></li>
|
||||
<li><a href="http://greg.vario.us/doc/markdown.txt" target="_blank">{% trans 'Quick Markdown Syntax Guide' as tmsg %}{{tmsg|force_escape}}</a></li>
|
||||
<li><a href="http://www.lowendtalk.com/discussion/6/miniature-markdown-guide" target="_blank">{% trans 'Miniature Markdown Guide' as tmsg%}{{tmsg|force_escape}}</a></li>
|
||||
<li><a href="http://daringfireball.net/projects/markdown/basics" rel="noopener" target="_blank">{% trans 'Markdown: Basics' as tmsg %}{{tmsg|force_escape}}</a></li>
|
||||
<li><a href="http://greg.vario.us/doc/markdown.txt" rel="noopener" target="_blank">{% trans 'Quick Markdown Syntax Guide' as tmsg %}{{tmsg|force_escape}}</a></li>
|
||||
<li><a href="http://www.lowendtalk.com/discussion/6/miniature-markdown-guide" rel="noopener" target="_blank">{% trans 'Miniature Markdown Guide' as tmsg%}{{tmsg|force_escape}}</a></li>
|
||||
</ul>
|
||||
<p>{% trans "To create a new wiki article, create a link to it. Clicking the link gives you the creation page." as tmsg %}{{tmsg|force_escape}}</p>
|
||||
<pre>{% trans "[Article Name](wiki:ArticleName)" as tmsg%}{{tmsg|force_escape}}</pre>
|
||||
|
||||
@@ -34,7 +34,9 @@ class TermsOfServiceCheckboxInput(CheckboxInput):
|
||||
u'I, and my organization, accept the {link_start}{platform_name} API Terms of Service{link_end}.'
|
||||
)).format(
|
||||
platform_name=configuration_helpers.get_value('PLATFORM_NAME', settings.PLATFORM_NAME),
|
||||
link_start=HTML(u'<a href="{url}" target="_blank">').format(url=reverse('api_admin:api-tos')),
|
||||
link_start=HTML(u'<a href="{url}" rel="noopener" target="_blank">').format(
|
||||
url=reverse('api_admin:api-tos')
|
||||
),
|
||||
link_end=HTML('</a>'),
|
||||
)
|
||||
|
||||
|
||||
@@ -806,7 +806,9 @@ class RegistrationFormFactory(object):
|
||||
)).format(
|
||||
platform_name=configuration_helpers.get_value("PLATFORM_NAME", settings.PLATFORM_NAME),
|
||||
terms_of_service=terms_label,
|
||||
terms_of_service_link_start=HTML(u"<a href='{terms_link}' target='_blank'>").format(terms_link=terms_link),
|
||||
terms_of_service_link_start=HTML(u"<a href='{terms_link}' rel='noopener' target='_blank'>").format(
|
||||
terms_link=terms_link
|
||||
),
|
||||
terms_of_service_link_end=HTML("</a>"),
|
||||
)
|
||||
|
||||
@@ -832,9 +834,13 @@ class RegistrationFormFactory(object):
|
||||
)).format(
|
||||
platform_name=configuration_helpers.get_value("PLATFORM_NAME", settings.PLATFORM_NAME),
|
||||
terms_of_service=terms_label,
|
||||
terms_of_service_link_start=HTML(u"<a href='{terms_url}' target='_blank'>").format(terms_url=terms_link),
|
||||
terms_of_service_link_start=HTML(u"<a href='{terms_url}' rel='noopener' target='_blank'>").format(
|
||||
terms_url=terms_link
|
||||
),
|
||||
terms_of_service_link_end=HTML("</a>"),
|
||||
privacy_policy_link_start=HTML(u"<a href='{pp_url}' target='_blank'>").format(pp_url=pp_link),
|
||||
privacy_policy_link_start=HTML(u"<a href='{pp_url}' rel='noopener' target='_blank'>").format(
|
||||
pp_url=pp_link
|
||||
),
|
||||
privacy_policy_link_end=HTML("</a>"),
|
||||
)
|
||||
|
||||
@@ -866,7 +872,9 @@ class RegistrationFormFactory(object):
|
||||
label = Text(_(u"I agree to the {platform_name} {tos_link_start}{terms_of_service}{tos_link_end}")).format(
|
||||
platform_name=configuration_helpers.get_value("PLATFORM_NAME", settings.PLATFORM_NAME),
|
||||
terms_of_service=terms_label,
|
||||
tos_link_start=HTML(u"<a href='{terms_link}' target='_blank'>").format(terms_link=terms_link),
|
||||
tos_link_start=HTML(u"<a href='{terms_link}' rel='noopener' target='_blank'>").format(
|
||||
terms_link=terms_link
|
||||
),
|
||||
tos_link_end=HTML("</a>"),
|
||||
)
|
||||
|
||||
|
||||
@@ -1097,7 +1097,7 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
|
||||
"default": False
|
||||
}
|
||||
]
|
||||
link_template = u"<a href='/honor' target='_blank'>{link_label}</a>"
|
||||
link_template = u"<a href='/honor' rel='noopener' target='_blank'>{link_label}</a>"
|
||||
|
||||
def setUp(self):
|
||||
super(RegistrationViewTest, self).setUp()
|
||||
@@ -1668,8 +1668,8 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
|
||||
)
|
||||
@mock.patch.dict(settings.FEATURES, {"ENABLE_MKTG_SITE": True})
|
||||
def test_registration_honor_code_mktg_site_enabled(self):
|
||||
link_template = "<a href='https://www.test.com/honor' target='_blank'>{link_label}</a>"
|
||||
link_template2 = u"<a href='#' target='_blank'>{link_label}</a>"
|
||||
link_template = "<a href='https://www.test.com/honor' rel='noopener' target='_blank'>{link_label}</a>"
|
||||
link_template2 = u"<a href='#' rel='noopener' target='_blank'>{link_label}</a>"
|
||||
link_label = "Terms of Service and Honor Code"
|
||||
link_label2 = "Privacy Policy"
|
||||
self._assert_reg_field(
|
||||
@@ -1701,7 +1701,7 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
|
||||
@override_settings(MKTG_URLS_LINK_MAP={"HONOR": "honor"})
|
||||
@mock.patch.dict(settings.FEATURES, {"ENABLE_MKTG_SITE": False})
|
||||
def test_registration_honor_code_mktg_site_disabled(self):
|
||||
link_template = "<a href='/privacy' target='_blank'>{link_label}</a>"
|
||||
link_template = "<a href='/privacy' rel='noopener' target='_blank'>{link_label}</a>"
|
||||
link_label = "Terms of Service and Honor Code"
|
||||
link_label2 = "Privacy Policy"
|
||||
self._assert_reg_field(
|
||||
@@ -1740,7 +1740,7 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
|
||||
# Honor code field should say ONLY honor code,
|
||||
# not "terms of service and honor code"
|
||||
link_label = 'Honor Code'
|
||||
link_template = u"<a href='https://www.test.com/honor' target='_blank'>{link_label}</a>"
|
||||
link_template = u"<a href='https://www.test.com/honor' rel='noopener' target='_blank'>{link_label}</a>"
|
||||
self._assert_reg_field(
|
||||
{"honor_code": "required", "terms_of_service": "required"},
|
||||
{
|
||||
@@ -1763,7 +1763,7 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
|
||||
|
||||
# Terms of service field should also be present
|
||||
link_label = "Terms of Service"
|
||||
link_template = u"<a href='https://www.test.com/tos' target='_blank'>{link_label}</a>"
|
||||
link_template = u"<a href='https://www.test.com/tos' rel='noopener' target='_blank'>{link_label}</a>"
|
||||
self._assert_reg_field(
|
||||
{"honor_code": "required", "terms_of_service": "required"},
|
||||
{
|
||||
@@ -1811,7 +1811,7 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
|
||||
|
||||
link_label = 'Terms of Service'
|
||||
# Terms of service field should also be present
|
||||
link_template = u"<a href='/tos' target='_blank'>{link_label}</a>"
|
||||
link_template = u"<a href='/tos' rel='noopener' target='_blank'>{link_label}</a>"
|
||||
self._assert_reg_field(
|
||||
{"honor_code": "required", "terms_of_service": "required"},
|
||||
{
|
||||
|
||||
@@ -710,7 +710,7 @@ class LoginAndRegistrationTest(ThirdPartyAuthTestMixin, UrlResetMixin, ModuleSto
|
||||
line_break=HTML('<br/>'),
|
||||
enterprise_name=ec_name,
|
||||
platform_name=settings.PLATFORM_NAME,
|
||||
privacy_policy_link_start=HTML(u"<a href='{pp_url}' target='_blank'>").format(
|
||||
privacy_policy_link_start=HTML(u"<a href='{pp_url}' rel='noopener' target='_blank'>").format(
|
||||
pp_url=settings.MKTG_URLS.get('PRIVACY', 'https://www.edx.org/edx-privacy-policy')
|
||||
),
|
||||
privacy_policy_link_end=HTML("</a>"),
|
||||
|
||||
@@ -40,7 +40,7 @@ def parse_license(lic):
|
||||
enabled = ["zero"]
|
||||
version = license_options.get("ver", "1.0")
|
||||
%>
|
||||
<a rel="license" href="https://creativecommons.org/licenses/${'-'.join(enabled)}/${version}/" target="_blank">
|
||||
<a rel="license" href="https://creativecommons.org/licenses/${'-'.join(enabled)}/${version}/" rel="noopener" target="_blank">
|
||||
% if button:
|
||||
<img src="https://licensebuttons.net/l/${'-'.join(enabled)}/${version}/${button_size}.png"
|
||||
alt="${license}"
|
||||
|
||||
@@ -116,7 +116,7 @@ def get_enterprise_sidebar_context(enterprise_customer):
|
||||
line_break=HTML('<br/>'),
|
||||
enterprise_name=enterprise_customer['name'],
|
||||
platform_name=platform_name,
|
||||
privacy_policy_link_start=HTML("<a href='{pp_url}' target='_blank'>").format(
|
||||
privacy_policy_link_start=HTML("<a href='{pp_url}' rel='noopener' target='_blank'>").format(
|
||||
pp_url=settings.MKTG_URLS.get('PRIVACY', 'https://www.edx.org/edx-privacy-policy')
|
||||
),
|
||||
privacy_policy_link_end=HTML("</a>"),
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
<div class="social-links">
|
||||
<% for (var platform in socialLinks) { %>
|
||||
<% if (socialLinks[platform]) { %>
|
||||
<a target="_blank" href= <%-socialLinks[platform]%>>
|
||||
<a rel="noopener" target="_blank" href= <%-socialLinks[platform]%>>
|
||||
<span class="icon fa fa-<%-platform%>-square" data-platform=<%-platform%> aria-hidden="true"></span>
|
||||
</a>
|
||||
<% } %>
|
||||
|
||||
@@ -35,7 +35,7 @@ from openedx.core.djangolib.markup import HTML, Text
|
||||
)
|
||||
%>
|
||||
% if certificate_url:
|
||||
<a href="${certificate_url}" target="_blank">
|
||||
<a href="${certificate_url}" rel="noopener" target="_blank">
|
||||
<div class="card certificate-card mode-${certificate['type']}">
|
||||
<div class="card-logo">
|
||||
<h4 class="sr-only">
|
||||
|
||||
@@ -294,7 +294,7 @@ from student.models import CourseEnrollment
|
||||
<li class="order-history">
|
||||
<span class="title">${_("Order History")}</span>
|
||||
% for order_history_item in order_history_list:
|
||||
<span><a href="${order_history_item['receipt_url']}" target="_blank" class="edit-name">${order_history_item['order_date']}</a></span>
|
||||
<span><a href="${order_history_item['receipt_url']}" rel="noopener" target="_blank" class="edit-name">${order_history_item['order_date']}</a></span>
|
||||
% endfor
|
||||
</li>
|
||||
% endif
|
||||
|
||||
@@ -67,13 +67,11 @@ from openedx.core.djangoapps.site_configuration import helpers as configuration_
|
||||
% endif
|
||||
<div class="mobile-nav-item hidden-mobile nav-item">
|
||||
% if online_help_token == "instructor":
|
||||
<a class="help-link" href="${get_online_help_info(online_help_token)['doc_url']}" target="_blank">${_("Help")}</a>
|
||||
<a class="help-link" href="${get_online_help_info(online_help_token)['doc_url']}" rel="noopener" target="_blank">${_("Help")}</a>
|
||||
% else:
|
||||
<a class="help-link" href="${configuration_helpers.get_value('SUPPORT_SITE_LINK', settings.SUPPORT_SITE_LINK)}" target="_blank">${_("Help")}</a>
|
||||
<a class="help-link" href="${configuration_helpers.get_value('SUPPORT_SITE_LINK', settings.SUPPORT_SITE_LINK)}" rel="noopener" target="_blank">${_("Help")}</a>
|
||||
% endif
|
||||
</div>
|
||||
<%include file="user_dropdown.html"/>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
@@ -21,7 +21,7 @@ from openedx.core.djangolib.markup import HTML, Text
|
||||
// new window/tab opening
|
||||
$('a[rel="external"], a[class="new-vp"]')
|
||||
.click( function() {
|
||||
window.open( $(this).attr('href') );
|
||||
window.open( $(this).attr('href'), '', 'noopener' );
|
||||
return false;
|
||||
});
|
||||
|
||||
|
||||
Reference in New Issue
Block a user