fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-07 10:41:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Restrict blackshield protection in modern WebKit-based browsers and Firefox

Browse source 
최근 브라우저들은 target="_blank" 사용시 자동으로 rel="noopener" 선언한 것으로
취급하므로 별도로 처리해 줄 필요가 없으며, blankshield 라이브러리 사용시
오히려 문제가 발생하는 경우가 많음. (예: iOS 웹뷰)
This commit is contained in:
Kijin Sung 2022-07-31 21:38:10 +09:00
parent 1e27bae404
commit 4cbe598a50
1 changed files with 51 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

31
common/js/common.js
View file

@ -316,7 +316,29 @@ jQuery(function($) {
$(this).parents("form[method]").filter(function() { return String($(this).attr("method")).toUpperCase() == "POST"; }).addCSRFTokenToForm(); $(this).parents("form[method]").filter(function() { return String($(this).attr("method")).toUpperCase() == "POST"; }).addCSRFTokenToForm();
}); });
/* Tabnapping protection, step 1 */ /**
* Reverse tabnapping protection
*
* Automatically add rel="noopener" to any external link with target="_blank"
* This is not required in most modern browsers.
* https://caniuse.com/mdn-html_elements_a_implicit_noopener
*/
var noopenerRequired = (function() {
var isChromeBased = navigator.userAgent.match(/Chrome\/([0-9]+)/);
if (isChromeBased && parseInt(isChromeBased[1], 10) >= 72) {
return false;
}
var isAppleWebKit = navigator.userAgent.match(/AppleWebKit\/([0-9]+)/);
if (isAppleWebKit && parseInt(isAppleWebKit[1], 10) >= 605) {
return false;
}
var isFirefox = navigator.userAgent.match(/Firefox\/([0-9]+)/);
if (isFirefox && parseInt(isFirefox[1], 10) >= 79) {
return false;
}
return true;
})();
if (noopenerRequired) {
$('a[target]').each(function() { $('a[target]').each(function() {
var $this = $(this); var $this = $(this);
var href = String($this.attr('href')).trim(); var href = String($this.attr('href')).trim();
@ -332,8 +354,6 @@ jQuery(function($) {
} }
} }
}); });
/* Tabnapping protection, step 2 */
$('body').on('click', 'a[target]', function(event) { $('body').on('click', 'a[target]', function(event) {
var $this = $(this); var $this = $(this);
var href = String($this.attr('href')).trim(); var href = String($this.attr('href')).trim();
@ -347,14 +367,11 @@ jQuery(function($) {
if (!rel.match(/\bnoopener\b/)) { if (!rel.match(/\bnoopener\b/)) {
$this.attr('rel', $.trim(rel + ' noopener')); $this.attr('rel', $.trim(rel + ' noopener'));
} }
var isChrome = navigator.userAgent.match(/Chrome\/([0-9]+)/);
if (isChrome && parseInt(isChrome[1], 10) >= 72) {
return;
}
event.preventDefault(); event.preventDefault();
blankshield.open(href); blankshield.open(href);
} }
}); });
}
/* Editor preview replacement */ /* Editor preview replacement */
$(".editable_preview").addClass("rhymix_content xe_content").attr("tabindex", 0); $(".editable_preview").addClass("rhymix_content xe_content").attr("tabindex", 0);