mirror of
https://github.com/zulip/zulip.git
synced 2025-10-23 04:52:12 +00:00
CVE-2020-14194: Use noopener/noreferrer for external links.
We fixed the main issue of this form in CVE-2020-9444, but the audit done at that time only included links found in rendered_markdown; this change completes our audit for links with target=_blank anywhere in the codebase.
This commit is contained in:
Tim Abbott
@@ -5,7 +5,7 @@
|
||||
</td>
|
||||
<td>
|
||||
<span class="emoji_image">
|
||||
<a href="{{source_url}}" target="_blank">
|
||||
<a href="{{source_url}}" target="_blank" rel="noopener noreferrer">
|
||||
<img class="emoji" src="{{source_url}}" alt="{{display_name}}" />
|
||||
</a>
|
||||
</span>
|
||||
|
||||
@@ -2,7 +2,11 @@
|
||||
<tr class="invite_row">
|
||||
<td>
|
||||
{{#if is_multiuse}}
|
||||
<span class="email"><a href="{{link_url}}" target="_blank">{{t 'Invite link'}}</a></span>
|
||||
<span class="email">
|
||||
<a href="{{link_url}}" target="_blank" rel="noopener noreferrer">
|
||||
{{t 'Invite link'}}
|
||||
</a>
|
||||
</span>
|
||||
{{else}}
|
||||
<span class="email">{{email}}</span>
|
||||
{{/if}}
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
<a href="{{ link }}" target="_blank">
|
||||
<a href="{{ link }}" target="_blank" rel="noopener noreferrer">
|
||||
<i class="fa fa-question-circle-o" aria-hidden="true"></i>
|
||||
</a>
|
||||
|
||||
@@ -32,7 +32,7 @@
|
||||
</span><span class="recipient_bar_controls no-select">
|
||||
{{! exterior links (e.g. to a trac ticket) }}
|
||||
{{#each topic_links}}
|
||||
<a href="{{this}}" target="_blank" class="no-underline">
|
||||
<a href="{{this}}" target="_blank" rel="noopener noreferrer" class="no-underline">
|
||||
<i class="fa fa-external-link-square recipient_bar_icon" aria-label="{{t 'External link' }}"></i>
|
||||
</a>
|
||||
{{/each}}
|
||||
|
||||
@@ -40,7 +40,7 @@
|
||||
{{#if page_params.two_fa_enabled }}
|
||||
<p for="two_factor_auth" class="inline-block title">
|
||||
{{t "Two factor authentication" }}: {{#if page_params.two_fa_enabled_user }}{{t "Enabled" }}{{else}}{{t "Disabled" }}{{/if}}
|
||||
<a target="_blank" id="two_factor_auth" href="/account/two_factor/" title="{{t 'Setup two factor authentication' }}">[{{t "Setup" }}]</a>
|
||||
<a target="_blank" rel="noopener noreferrer" id="two_factor_auth" href="/account/two_factor/" title="{{t 'Setup two factor authentication' }}">[{{t "Setup" }}]</a>
|
||||
</p>
|
||||
{{/if}}
|
||||
|
||||
@@ -101,7 +101,7 @@
|
||||
<label for="old_password" class="title">{{t "Old password" }}</label>
|
||||
<input type="password" autocomplete="off" name="old_password" id="old_password" class="w-200 inline-block" value="" />
|
||||
<div class="info">
|
||||
<a href="/accounts/password/reset/" class="sea-green" target="_blank">{{t "Forgotten it?" }}</a>
|
||||
<a href="/accounts/password/reset/" class="sea-green" target="_blank" rel="noopener noreferrer">{{t "Forgotten it?" }}</a>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
@@ -161,7 +161,7 @@
|
||||
is_editable_by_current_user = user_can_change_avatar
|
||||
image = page_params.avatar_url_medium}}
|
||||
<div id="user-avatar-source">
|
||||
<a href="https://en.gravatar.com/" target="_blank">{{t "Avatar from Gravatar" }}</a>
|
||||
<a href="https://en.gravatar.com/" target="_blank" rel="noopener noreferrer">{{t "Avatar from Gravatar" }}</a>
|
||||
</div>
|
||||
</div>
|
||||
<div class="clear-float"></div>
|
||||
|
||||
@@ -11,7 +11,10 @@
|
||||
<div id="password_confirmation">
|
||||
<form id="api_key_form">
|
||||
<p>{{t "Please re-enter your password to confirm your identity." }}
|
||||
<a href="/accounts/password/reset/" target="_blank">{{t "Never had one? Forgotten it?" }}</a></p>
|
||||
<a href="/accounts/password/reset/" target="_blank" rel="noopener noreferrer">
|
||||
{{t "Never had one? Forgotten it?" }}
|
||||
</a>
|
||||
</p>
|
||||
<div class="control-group">
|
||||
<label for="password" class="control-label">{{t "Current password" }}</label>
|
||||
<input type="password" autocomplete="off" name="password" id="get_api_key_password" value="" />
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
<div class="bot-settings-form">
|
||||
{{#unless page_params.is_guest}}
|
||||
<div class="tip">
|
||||
{{#tr this}}Looking for our <a href="/integrations" target="_blank">Integrations</a> or <a href="/api" target="_blank">API</a> documentation?{{/tr}}
|
||||
{{#tr this}}Looking for our <a href="/integrations" target="_blank" rel="noopener noreferrer">Integrations</a> or <a href="/api" rel="noopener noreferrer" target="_blank">API</a> documentation?{{/tr}}
|
||||
</div>
|
||||
<div class="tip bot-settings-tip"></div>
|
||||
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
{{t 'Depending on the size of your organization, an export can take anywhere from seconds to an hour.' }}
|
||||
</p>
|
||||
<p>
|
||||
{{#tr this}}<a href="/help/export-your-organization" target="_blank">Click here</a> to learn about exporting private streams and messages.{{/tr}}
|
||||
{{#tr this}}<a href="/help/export-your-organization" target="_blank" rel="noopener noreferrer">Click here</a> to learn about exporting private streams and messages.{{/tr}}
|
||||
{{t 'Note that organizations are limited to five exports per week.' }}
|
||||
</p>
|
||||
|
||||
|
||||
@@ -36,7 +36,7 @@
|
||||
</ul>
|
||||
<p>
|
||||
{{#tr this}}
|
||||
More details are available <a href="/help/add-a-custom-linkification-filter" target="_blank">in the Help Center article</a>.
|
||||
More details are available <a href="/help/add-a-custom-linkification-filter" target="_blank" rel="noopener noreferrer">in the Help Center article</a>.
|
||||
{{/tr}}
|
||||
</p>
|
||||
|
||||
|
||||
@@ -53,7 +53,7 @@
|
||||
<div id="realm_icon_file_input_error" class="text-error m-t-10"></div>
|
||||
</div>
|
||||
</div>
|
||||
<a href="/login/?preview=true" target="_blank" class="button rounded sea-green w-200 block" id="id_org_profile_preview">
|
||||
<a href="/login/?preview=true" target="_blank" rel="noopener noreferrer" class="button rounded sea-green w-200 block" id="id_org_profile_preview">
|
||||
{{t 'Preview organization profile' }}
|
||||
<i class="fa fa-external-link" aria-hidden="true" title="{{t 'Preview organization profile' }}"></i>
|
||||
</a>
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
<div>
|
||||
{{#unless zulip_plan_is_not_limited}}
|
||||
<a href="/upgrade" class="upgrade-tip" target="_blank">
|
||||
<a href="/upgrade" class="upgrade-tip" target="_blank" rel="noopener noreferrer">
|
||||
{{upgrade_text_for_wide_organization_logo}}
|
||||
</a>
|
||||
{{/unless}}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
<span>
|
||||
{{#tr this}}Organization using __percent_used__% of __upload_quota__.{{/tr}}
|
||||
{{#if show_upgrade_message}}{{#tr this}}<a href="/upgrade" target="_blank">Upgrade</a> for more space.{{/tr}}{{/if}}
|
||||
{{#if show_upgrade_message}}{{#tr this}}<a href="/upgrade" target="_blank" rel="noopener noreferrer">Upgrade</a> for more space.{{/tr}}{{/if}}
|
||||
</span>
|
||||
|
||||
@@ -24,7 +24,7 @@
|
||||
{{t "Stream permissions" }}
|
||||
</div>
|
||||
<div class="stream-creation-info">
|
||||
{{t 'These settings are explained in detail in the <a target="_blank" href="/help/stream-permissions">help center</a>.'}}
|
||||
{{t 'These settings are explained in detail in the <a target="_blank" rel="noopener noreferrer" href="/help/stream-permissions">help center</a>.'}}
|
||||
</div>
|
||||
|
||||
{{> stream_types is_public=true stream_post_policy=stream_post_policy_values.everyone.code}}
|
||||
|
||||
@@ -36,7 +36,7 @@
|
||||
<div class="nothing-selected">
|
||||
{{#if can_create_streams}}
|
||||
<button type="button" class="create_stream_button button small rounded">{{t 'Create stream' }}</button>
|
||||
<span>{{t 'First time? Read our <a href="/help/getting-your-organization-started-with-zulip#create-streams" target="_blank">guidelines</a> for creating and naming streams.' }}</span>
|
||||
<span>{{t 'First time? Read our <a href="/help/getting-your-organization-started-with-zulip#create-streams" target="_blank" rel="noopener noreferrer">guidelines</a> for creating and naming streams.' }}</span>
|
||||
{{/if}}
|
||||
</div>
|
||||
<div class="settings" data-simplebar data-simplebar-auto-hide="false">
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{{#with attachment}}
|
||||
<tr class="uploaded_file_row" id="{{name}}" data-attachment-id="{{id}}">
|
||||
<td>
|
||||
<a type="submit" href="/user_uploads/{{path_id}}" target="_blank" title="{{t 'View file' }}">
|
||||
<a type="submit" href="/user_uploads/{{path_id}}" target="_blank" rel="noopener noreferrer" title="{{t 'View file' }}">
|
||||
{{ name }}
|
||||
</a>
|
||||
</td>
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
|
||||
{{#unless is_guest}}
|
||||
<p>
|
||||
{{#tr this}}User groups allow you to <a href="/help/mention-a-user-or-group" target="_blank">mention</a> multiple users at once. When you mention a user group, everyone in the group is notified as if they were individually mentioned.{{/tr}}
|
||||
{{#tr this}}User groups allow you to <a href="/help/mention-a-user-or-group" target="_blank" rel="noopener noreferrer">mention</a> multiple users at once. When you mention a user group, everyone in the group is notified as if they were individually mentioned.{{/tr}}
|
||||
</p>
|
||||
{{#if (or is_admin (eq realm_user_group_edit_policy USER_GROUP_EDIT_POLICY_MEMBERS))}}
|
||||
<form class="form-horizontal admin-user-group-form">
|
||||
|
||||
@@ -50,9 +50,9 @@
|
||||
<div class="input" contenteditable="false" style="display: none;"></div>
|
||||
</div>
|
||||
{{else if this.is_link}}
|
||||
<a href="{{this.value}}" target="_blank" class="value">{{this.value}}</a>
|
||||
<a href="{{this.value}}" target="_blank" rel="noopener noreferrer" class="value">{{this.value}}</a>
|
||||
{{else if this.is_external_account}}
|
||||
<a href="{{this.link}}" target="_blank" class="value">{{this.value}}</a>
|
||||
<a href="{{this.link}}" target="_blank" rel="noopener noreferrer" class="value">{{this.value}}</a>
|
||||
{{else}}
|
||||
{{#if this.rendered_value}}
|
||||
<div class="value rendered_markdown">{{rendered_markdown this.rendered_value}}</div>
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
<span class="label">realm</span>
|
||||
<h3><img src="{{ realm_icon_url(realm) }}" class="support-realm-icon"> {{ realm.name }}</h3>
|
||||
<b>URL</b>: <a target="_blank" href="{{ realm.uri }}">{{ realm.uri }}</a> |
|
||||
<a target="_blank" href="/stats/realm/{{ realm.string_id }}/">stats</a> |
|
||||
<a target="_blank" href="/realm_activity/{{ realm.string_id }}/">activity</a><br>
|
||||
<b>URL</b>: <a target="_blank" rel="noopener noreferrer" href="{{ realm.uri }}">{{ realm.uri }}</a> |
|
||||
<a target="_blank" rel="noopener noreferrer" href="/stats/realm/{{ realm.string_id }}/">stats</a> |
|
||||
<a target="_blank" rel="noopener noreferrer" href="/realm_activity/{{ realm.string_id }}/">activity</a><br>
|
||||
<b>Date created</b>: {{ realm.date_created|timesince }} ago<br>
|
||||
<b>Admins</b>: {{ realm_admin_emails(realm) }}
|
||||
<a title="Copy emails" class="copy-button" data-copytext="{{ realm_admin_emails(realm) }}">
|
||||
|
||||
@@ -40,7 +40,7 @@ the registration flow has its own (nearly identical) copy of the fields below in
|
||||
<input id="id_terms" class="required" type="checkbox" name="terms"
|
||||
{% if form.terms.value() %}checked="checked"{% endif %} />
|
||||
<span></span>
|
||||
{% trans %}I agree to the <a href="{{ root_domain_uri }}/terms" target="_blank">Terms of Service</a>.{% endtrans %}
|
||||
{% trans %}I agree to the <a href="{{ root_domain_uri }}/terms" target="_blank" rel="noopener noreferrer">Terms of Service</a>.{% endtrans %}
|
||||
</label>
|
||||
{% if form.terms.errors %}
|
||||
{% for error in form.terms.errors %}
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
<i class="fa fa-exclamation-circle" aria-hidden="true"></i>
|
||||
{% trans %}
|
||||
Some older messages are unavailable.
|
||||
<a href="/plans/" target="_blank">Upgrade your organization</a>
|
||||
<a href="/plans/" target="_blank" rel="noopener noreferrer">Upgrade your organization</a>
|
||||
to access your full message history.
|
||||
{% endtrans %}
|
||||
</p>
|
||||
@@ -25,7 +25,7 @@
|
||||
{% trans %}
|
||||
End of results from your
|
||||
<a href="/help/search-for-messages#searching-shared-history"
|
||||
target="_blank">history</a>.
|
||||
target="_blank" rel="noopener noreferrer">history</a>.
|
||||
Consider <a class="search-shared-history" href="">searching all public streams</a>.
|
||||
{% endtrans %}
|
||||
</p>
|
||||
|
||||
@@ -78,7 +78,7 @@
|
||||
We recommend that
|
||||
you <a class="webathena_login">give Zulip the ability to mirror the messages for you via
|
||||
WebAthena</a>. If you'd prefer, you can instead
|
||||
<a href="/zephyr-mirror" target="_blank">run the
|
||||
<a href="/zephyr-mirror" target="_blank" rel="noopener noreferrer">run the
|
||||
Zephyr mirror script yourself</a> in a screen
|
||||
session.
|
||||
</span>
|
||||
|
||||
@@ -308,6 +308,6 @@
|
||||
</table>
|
||||
</div>
|
||||
<hr>
|
||||
<a href="/help/keyboard-shortcuts" target="_blank">{% trans %}Detailed keyboard shortcuts documentation{% endtrans %}</a>
|
||||
<a href="/help/keyboard-shortcuts" target="_blank" rel="noopener noreferrer">{% trans %}Detailed keyboard shortcuts documentation{% endtrans %}</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
<div class="title">{{ _('Pan & Zoom') }}</div>
|
||||
<div class="status" data-disabled="{{ _('Disabled') }}" data-enabled="{{ _('Enabled') }}"></div>
|
||||
</div>
|
||||
<a class="button small open" target="_blank">{{ _('Open') }}</a>
|
||||
<a class="button small open" rel="noopener noreferrer" target="_blank">{{ _('Open') }}</a>
|
||||
<a class="button small download" download>{{ _('Download') }}</a>
|
||||
</div>
|
||||
<div class="clear-float"></div>
|
||||
|
||||
@@ -26,7 +26,7 @@
|
||||
</tr>
|
||||
<tr>
|
||||
<td>[Zulip website](https://zulip.org) (or <kbd>Ctrl + Shift + L</kbd>)</td>
|
||||
<td class="rendered_markdown"><a href="https://zulip.org" target="_blank">Zulip website</a></td>
|
||||
<td class="rendered_markdown"><a href="https://zulip.org" target="_blank" rel="noopener noreferrer">Zulip website</a></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>* Milk<br>
|
||||
@@ -61,7 +61,7 @@
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>:heart: (and <a href="https://www.webfx.com/tools/emoji-cheat-sheet/" target="_blank">many others</a>, from the <a href="https://code.google.com/p/noto/" target="_blank">Noto Project</a>)</td>
|
||||
<td>:heart: (and <a href="https://www.webfx.com/tools/emoji-cheat-sheet/" target="_blank" rel="noopener noreferrer">many others</a>, from the <a href="https://code.google.com/p/noto/" target="_blank" rel="noopener noreferrer">Noto Project</a>)</td>
|
||||
<td class="rendered_markdown"><img alt=":heart:" class="emoji" src="/static/generated/emoji/images/emoji/heart.png" title=":heart:" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
@@ -113,7 +113,7 @@ def zulip():
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2">{% trans %}To add syntax highlighting to a multi-line code block,
|
||||
add the language's <b>first</b> <a target="_blank" href="https://pygments.org/docs/lexers/">Pygments short name</a>
|
||||
add the language's <b>first</b> <a target="_blank" rel="noopener noreferrer" href="https://pygments.org/docs/lexers/">Pygments short name</a>
|
||||
after the first set of back-ticks.
|
||||
You can also make a code block by indenting each line with 4 spaces.{% endtrans %}</td>
|
||||
</tr>
|
||||
@@ -159,9 +159,9 @@ This text won't be visible until the user clicks.
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="rendered_markdown" colspan="2">{% trans %}You can also make <a target="_blank"
|
||||
<td class="rendered_markdown" colspan="2">{% trans %}You can also make <a target="_blank" rel="noopener noreferrer"
|
||||
href="https://github.com/adam-p/markdown-here/wiki/Markdown-Cheatsheet#wiki-tables">tables</a>
|
||||
with this <a target="_blank"
|
||||
with this <a target="_blank" rel="noopener noreferrer"
|
||||
href="https://github.com/adam-p/markdown-here/wiki/Markdown-Cheatsheet#wiki-tables">Markdown-ish
|
||||
table syntax</a>.{% endtrans %}</td>
|
||||
</tr>
|
||||
@@ -169,6 +169,6 @@ This text won't be visible until the user clicks.
|
||||
</table>
|
||||
</div>
|
||||
<hr>
|
||||
<a href="/help/format-your-message-using-markdown" target="_blank">Detailed message formatting documentation</a>
|
||||
<a href="/help/format-your-message-using-markdown" target="_blank" rel="noopener noreferrer">Detailed message formatting documentation</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -80,7 +80,7 @@
|
||||
</li>
|
||||
<li class="divider"></li>
|
||||
<li role="presentation">
|
||||
<a href="/help" target="_blank" role="menuitem">
|
||||
<a href="/help" target="_blank" rel="noopener noreferrer" role="menuitem">
|
||||
<i class="fa fa-question-circle" aria-hidden="true"></i> {{ _('Help center') }}
|
||||
</a>
|
||||
</li>
|
||||
@@ -101,30 +101,30 @@
|
||||
</li>
|
||||
{% if corporate_enabled %}
|
||||
<li role="presentation">
|
||||
<a href="/help/contact-support" target="_blank" role="menuitem">
|
||||
<a href="/help/contact-support" target="_blank" rel="noopener noreferrer" role="menuitem">
|
||||
<i class="fa fa-envelope" aria-hidden="true"></i> {{ _('Contact support') }}
|
||||
</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
<li class="divider" role="presentation"></li>
|
||||
<li role="presentation">
|
||||
<a href="{{ apps_page_url }}" target="_blank" role="menuitem">
|
||||
<a href="{{ apps_page_url }}" target="_blank" rel="noopener noreferrer" role="menuitem">
|
||||
<i class="fa fa-desktop" aria-hidden="true"></i> {{ _('Desktop & mobile apps') }}
|
||||
</a>
|
||||
</li>
|
||||
<li role="presentation">
|
||||
<a href="/integrations" target="_blank" role="menuitem">
|
||||
<a href="/integrations" target="_blank" rel="noopener noreferrer" role="menuitem">
|
||||
<i class="fa fa-github" aria-hidden="true"></i> {{ _('Integrations') }}
|
||||
</a>
|
||||
</li>
|
||||
<li role="presentation">
|
||||
<a href="/api" target="_blank" role="menuitem">
|
||||
<a href="/api" target="_blank" rel="noopener noreferrer" role="menuitem">
|
||||
<i class="fa fa-sitemap" aria-hidden="true"></i> {{ _('API documentation') }}
|
||||
</a>
|
||||
</li>
|
||||
{% if not is_guest %}
|
||||
<li role="presentation">
|
||||
<a href="/stats" target="_blank" role="menuitem">
|
||||
<a href="/stats" target="_blank" rel="noopener noreferrer" role="menuitem">
|
||||
<i class="fa fa-bar-chart" aria-hidden="true"></i>
|
||||
<span>{{ _('Statistics') }}</span>
|
||||
</a>
|
||||
@@ -132,14 +132,14 @@
|
||||
{% endif %}
|
||||
{% if show_plans %}
|
||||
<li role="presentation">
|
||||
<a href="/plans" target="_blank" role="menuitem">
|
||||
<a href="/plans" target="_blank" rel="noopener noreferrer" role="menuitem">
|
||||
<i class="fa fa-rocket" aria-hidden="true"></i> {{ _('Plans and pricing') }}
|
||||
</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
{% if show_billing %}
|
||||
<li role="presentation">
|
||||
<a href="/billing" target="_blank" role="menuitem">
|
||||
<a href="/billing" target="_blank" rel="noopener noreferrer" role="menuitem">
|
||||
<i class="fa fa-credit-card" aria-hidden="true"></i> {{ _('Billing') }}
|
||||
</a>
|
||||
</li>
|
||||
|
||||
@@ -21,7 +21,7 @@
|
||||
<span class="close" data-dismiss="alert" aria-label="{{ _('Close') }}">×</span>
|
||||
<div data-step="1">
|
||||
{% trans %}Zulip needs to send email to confirm users' addresses and send notifications.{% endtrans %}
|
||||
<a class="alert-link" href="https://zulip.readthedocs.io/en/latest/production/email.html" target="_blank">
|
||||
<a class="alert-link" href="https://zulip.readthedocs.io/en/latest/production/email.html" target="_blank" rel="noopener noreferrer">
|
||||
{% trans %}See how to configure email.{% endtrans %}
|
||||
</a>
|
||||
</div>
|
||||
@@ -42,7 +42,7 @@
|
||||
<div data-step="1">
|
||||
{% trans apps_page_link="https://zulip.com/apps" %}
|
||||
You are using an old version of the Zulip desktop app with known security bugs.
|
||||
<a class="alert-link" href="{{ apps_page_link }}" target="_blank">
|
||||
<a class="alert-link" href="{{ apps_page_link }}" target="_blank" rel="noopener noreferrer">
|
||||
Download the latest version.
|
||||
</a>
|
||||
{% endtrans %}
|
||||
|
||||
@@ -113,6 +113,6 @@
|
||||
{% endtrans %}
|
||||
</p>
|
||||
<hr>
|
||||
<a href="/help/search-for-messages#search-operators" target="_blank">{% trans %}Detailed search operators documentation{% endtrans %}</a>
|
||||
<a href="/help/search-for-messages#search-operators" target="_blank" rel="noopener noreferrer">{% trans %}Detailed search operators documentation{% endtrans %}</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -21,7 +21,7 @@
|
||||
<div class="cta">
|
||||
<h1>Zulip for <span class="platform"></span></h1>
|
||||
<p class="description"></p>
|
||||
<p class="download-instructions">For download instructions, go to the <a class="silver bold" href="/help/desktop-app-install-guide" target="_blank">desktop app install guide</a>.</p>
|
||||
<p class="download-instructions">For download instructions, go to the <a class="silver bold" href="/help/desktop-app-install-guide" target="_blank" rel="noopener noreferrer">desktop app install guide</a>.</p>
|
||||
<a class="desktop-download-link no-action" hidden href=""><span class="button green">Download Zulip for <span class="platform"></span></span></a>
|
||||
<a class="download-from-google-play-store" hidden href=""><img src='/static/images/store-badges/google-play-badge.png' alt=""/></a>
|
||||
<a class="download-from-apple-app-store" hidden href=""><img src='/static/images/store-badges/app-store-badge.svg' alt=""/></a>
|
||||
|
||||
@@ -37,7 +37,7 @@
|
||||
{% else %}
|
||||
<p>
|
||||
Please have a look at our
|
||||
<a target="_blank" href="https://zulip.readthedocs.io/en/latest/subsystems/email.html#development-and-testing">
|
||||
<a target="_blank" rel="noopener noreferrer" href="https://zulip.readthedocs.io/en/latest/subsystems/email.html#development-and-testing">
|
||||
setup guide</a> for forwarding emails sent in development
|
||||
environment to an email account.
|
||||
</p>
|
||||
|
||||
@@ -49,7 +49,7 @@
|
||||
<br>
|
||||
<div class="alert alert-info">
|
||||
You must setup SMTP as described
|
||||
<a target="_blank" href="https://zulip.readthedocs.io/en/latest/subsystems/email.html#development-and-testing">
|
||||
<a target="_blank" rel="noopener noreferrer" href="https://zulip.readthedocs.io/en/latest/subsystems/email.html#development-and-testing">
|
||||
here</a> first before enabling this.
|
||||
</div>
|
||||
</form>
|
||||
|
||||
@@ -95,7 +95,7 @@
|
||||
<p>Communicate as efficiently as you use your favorite
|
||||
text editor. Anything you can do with a mouse, you
|
||||
can do even faster from the keyboard.
|
||||
<a class="cta" href="/help/keyboard-shortcuts" target="_blank">
|
||||
<a class="cta" href="/help/keyboard-shortcuts" target="_blank" rel="noopener noreferrer">
|
||||
Learn more about keyboard shortcuts.</a>
|
||||
</p>
|
||||
</div>
|
||||
@@ -105,7 +105,7 @@
|
||||
<section>
|
||||
<h2>Apps, integrations, and API.</h2>
|
||||
|
||||
<a class="feature-block" href="/integrations" target="_blank">
|
||||
<a class="feature-block" href="/integrations" target="_blank" rel="noopener noreferrer">
|
||||
<h3>INTEGRATIONS</h3>
|
||||
<p>
|
||||
Get alerts and updates from your favorite services with
|
||||
@@ -113,7 +113,7 @@
|
||||
Jenkins, and more.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/api" target="_blank">
|
||||
<a class="feature-block" href="/api" target="_blank" rel="noopener noreferrer">
|
||||
<h3>API</h3>
|
||||
<p>
|
||||
Want to roll your own notifications? We’ve got a
|
||||
@@ -121,12 +121,12 @@
|
||||
integrations—both sending and receiving—a snap!
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/apps" target="_blank">
|
||||
<a class="feature-block" href="/apps" target="_blank" rel="noopener noreferrer">
|
||||
<h3>MOBILE APPS</h3>
|
||||
<p>Keep up while on the go with our native quality iOS and
|
||||
Android apps.</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/apps" target="_blank">
|
||||
<a class="feature-block" href="/apps" target="_blank" rel="noopener noreferrer">
|
||||
<h3>DESKTOP APPS</h3>
|
||||
<p>Prefer Zulip in its own window and rich, OS-level
|
||||
notifications? Enjoy Zulip on your desktop.</p>
|
||||
@@ -140,14 +140,14 @@
|
||||
<section>
|
||||
<h2>And everything else you need…</h2>
|
||||
|
||||
<a class="feature-block" href="/security" target="_blank">
|
||||
<a class="feature-block" href="/security" target="_blank" rel="noopener noreferrer">
|
||||
<h3>ENTERPRISE-GRADE SECURITY</h3>
|
||||
<p>
|
||||
Zulip is used by some of the most security-conscious
|
||||
organizations in the world.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/search-for-messages" target="_blank">
|
||||
<a class="feature-block" href="/help/search-for-messages" target="_blank" rel="noopener noreferrer">
|
||||
<h3>FULL-TEXT FULL-HISTORY SEARCH</h3>
|
||||
<p>
|
||||
Search is both snappy and smart, helping you look for
|
||||
@@ -155,31 +155,31 @@
|
||||
search operators for fine-grained control.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/stream-permissions" target="_blank">
|
||||
<a class="feature-block" href="/help/stream-permissions" target="_blank" rel="noopener noreferrer">
|
||||
<h3>HISTORY</h3>
|
||||
<p>Join a stream and see its history, so even new team
|
||||
members are never out of the loop.</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/star-a-message" target="_blank">
|
||||
<a class="feature-block" href="/help/star-a-message" target="_blank" rel="noopener noreferrer">
|
||||
<h3>STARRED MESSAGES</h3>
|
||||
<p>Keep a todo list of messages to come back to, or keep
|
||||
track of interesting conversations.</p>
|
||||
</a>
|
||||
|
||||
<a class="feature-block" href="/help/analytics" target="_blank">
|
||||
<a class="feature-block" href="/help/analytics" target="_blank" rel="noopener noreferrer">
|
||||
<h3>STATISTICS</h3>
|
||||
<p>Zulip has a powerful set of analytics available to
|
||||
help you see how your organization communicates.</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/private-messages" target="_blank">
|
||||
<a class="feature-block" href="/help/private-messages" target="_blank" rel="noopener noreferrer">
|
||||
<h3>ONE-ON-ONE AND GROUP PRIVATE CONVERSATIONS</h3>
|
||||
<p>Lightweight private conversations with one or as many people as you need.</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/status-and-availability" target="_blank">
|
||||
<a class="feature-block" href="/help/status-and-availability" target="_blank" rel="noopener noreferrer">
|
||||
<h3>TEAM AVAILABILITY</h3>
|
||||
<p>See who is currently online at a glance.</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/stream-permissions" target="_blank">
|
||||
<a class="feature-block" href="/help/stream-permissions" target="_blank" rel="noopener noreferrer">
|
||||
<h3>PRIVATE STREAMS</h3>
|
||||
<p>Enjoy the benefits of threaded conversations while
|
||||
controlling your audience and privacy.</p>
|
||||
@@ -189,7 +189,7 @@
|
||||
<p>We’re always receiving messages for you, even when
|
||||
you’re logged out or away from your computer.</p>
|
||||
</div>
|
||||
<a class="feature-block" href="/help/edit-or-delete-a-message" target="_blank">
|
||||
<a class="feature-block" href="/help/edit-or-delete-a-message" target="_blank" rel="noopener noreferrer">
|
||||
<h3>MESSAGE EDITING</h3>
|
||||
<p>Don’t worry, you can always fix that typo, either in
|
||||
the body of message or its topic.</p>
|
||||
@@ -198,12 +198,12 @@
|
||||
<h3>TYPING NOTIFICATIONS</h3>
|
||||
<p>Know when other users are composing messages to you.</p>
|
||||
</div>
|
||||
<a class="feature-block" href="/help/view-and-edit-your-message-drafts" target="_blank">
|
||||
<a class="feature-block" href="/help/view-and-edit-your-message-drafts" target="_blank" rel="noopener noreferrer">
|
||||
<h3>SAVED DRAFTS</h3>
|
||||
<p>Zulip’s drafts make it easy to write longer messages
|
||||
without worrying about losing your work.</p>
|
||||
</a>
|
||||
<a class="feature-block" href="https://zulip.readthedocs.io/en/latest/contributing/accessibility.html" target="_blank">
|
||||
<a class="feature-block" href="https://zulip.readthedocs.io/en/latest/contributing/accessibility.html" target="_blank" rel="noopener noreferrer">
|
||||
<h3>ACCESSIBILITY</h3>
|
||||
<p>
|
||||
Zulip follows best practices for accessibility, and has
|
||||
@@ -211,22 +211,22 @@
|
||||
tools.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/about-streams-and-topics" target="_blank">
|
||||
<a class="feature-block" href="/help/about-streams-and-topics" target="_blank" rel="noopener noreferrer">
|
||||
<h3>CONVERSATIONS THREADED BY TOPIC</h3>
|
||||
<p>Participate in several conversations with the same
|
||||
group at once, without getting lost or overwhelmed.</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/reading-strategies" target="_blank">
|
||||
<a class="feature-block" href="/help/reading-strategies" target="_blank" rel="noopener noreferrer">
|
||||
<h3>CATCH UP IN NO TIME</h3>
|
||||
<p>With topics, hotkeys and snappy performance, usefully
|
||||
reviewing hundreds of messages takes just minutes.</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/change-your-language" target="_blank">
|
||||
<a class="feature-block" href="/help/change-your-language" target="_blank" rel="noopener noreferrer">
|
||||
<h3>FULLY INTERNATIONALIZED</h3>
|
||||
<p>The Zulip UI is fully internationalized and has been
|
||||
translated into over a dozen languages.</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/configure-authentication-methods" target="_blank">
|
||||
<a class="feature-block" href="/help/configure-authentication-methods" target="_blank" rel="noopener noreferrer">
|
||||
<h3>CUSTOMIZABLE LOGIN AND REGISTRATION</h3>
|
||||
<p>
|
||||
Customize the available authentication methods and
|
||||
@@ -234,35 +234,35 @@
|
||||
organization using Markdown.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/start-a-call" target="_blank">
|
||||
<a class="feature-block" href="/help/start-a-call" target="_blank" rel="noopener noreferrer">
|
||||
<h3>VIDEO CALLS</h3>
|
||||
<p>
|
||||
Create and join video calls with a single click. Powered
|
||||
by your choice of Jitsi Meet or Zoom.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/configure-authentication-methods" target="_blank">
|
||||
<a class="feature-block" href="/help/configure-authentication-methods" target="_blank" rel="noopener noreferrer">
|
||||
<h3>FLEXIBLE AUTHENTICATION</h3>
|
||||
<p>
|
||||
Supported authentication providers include LDAP, SAML,
|
||||
Google, GitHub, GitLab, Apple, and more.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/import-from-slack" target="_blank">
|
||||
<a class="feature-block" href="/help/import-from-slack" target="_blank" rel="noopener noreferrer">
|
||||
<h3>DATA IMPORT</h3>
|
||||
<p>
|
||||
Import an existing Slack, Mattermost, HipChat, Stride,
|
||||
or Gitter workspace into Zulip.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/add-custom-profile-fields" target="_blank">
|
||||
<a class="feature-block" href="/help/add-custom-profile-fields" target="_blank" rel="noopener noreferrer">
|
||||
<h3>CUSTOM PROFILE FIELDS</h3>
|
||||
<p>
|
||||
Use Zulip to store directory information, links to social
|
||||
media profiles, food preferences, or anything else.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/roles-and-permissions" target="_blank">
|
||||
<a class="feature-block" href="/help/roles-and-permissions" target="_blank" rel="noopener noreferrer">
|
||||
<h3>GUESTS</h3>
|
||||
<p>
|
||||
Guests cannot see or join streams unless they are explicitly
|
||||
@@ -270,33 +270,33 @@
|
||||
contractors.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/create-your-organization-profile" target="_blank">
|
||||
<a class="feature-block" href="/help/create-your-organization-profile" target="_blank" rel="noopener noreferrer">
|
||||
<h3>CUSTOM BRANDING</h3>
|
||||
<p>
|
||||
Use your logo instead of Zulip’s in the desktop and webapp.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/integrations/communication" target="_blank">
|
||||
<a class="feature-block" href="/integrations/communication" target="_blank" rel="noopener noreferrer">
|
||||
<h3>INTEGRATE WITH IRC, MATRIX, OR SLACK</h3>
|
||||
<p>
|
||||
Two way integrations with IRC and Matrix, and one way
|
||||
integration with Slack.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/moderating-open-organizations" target="_blank">
|
||||
<a class="feature-block" href="/help/moderating-open-organizations" target="_blank" rel="noopener noreferrer">
|
||||
<h3>MODERATION</h3>
|
||||
<p>
|
||||
A full suite of tools for moderating open communities.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="/help/export-your-organization" target="_blank">
|
||||
<a class="feature-block" href="/help/export-your-organization" target="_blank" rel="noopener noreferrer">
|
||||
<h3>DATA EXPORTS</h3>
|
||||
<p>
|
||||
No vendor lock-in. Export your hosted Zulip to an
|
||||
on-premises installation at any time.
|
||||
</p>
|
||||
</a>
|
||||
<a class="feature-block" href="https://github.com/zulip/zulip/" target="_blank">
|
||||
<a class="feature-block" href="https://github.com/zulip/zulip/" target="_blank" rel="noopener noreferrer">
|
||||
<h3>YOUR FEATURE HERE</h3>
|
||||
<p>Zulip is open source, so if something important for
|
||||
your use case is missing, you can make it happen!</p>
|
||||
|
||||
@@ -26,7 +26,7 @@
|
||||
{% endif %}
|
||||
|
||||
<p>
|
||||
<a href="https://zulip.com/apps" target="_blank">
|
||||
<a href="https://zulip.com/apps" target="_blank" rel="noopener noreferrer">
|
||||
{{ _("Download the latest release.") }}
|
||||
</a>
|
||||
</p>
|
||||
|
||||
@@ -158,7 +158,7 @@
|
||||
<div class="pricing-details">
|
||||
Pricing varies with support required
|
||||
</div>
|
||||
<a href="mailto:sales@zulip.com" target="_blank" class="no-action button green">
|
||||
<a href="mailto:sales@zulip.com" target="_blank" rel="noopener noreferrer" class="no-action button green">
|
||||
Contact sales
|
||||
</a>
|
||||
</div>
|
||||
|
||||
@@ -32,7 +32,7 @@
|
||||
<button id="enter-realm-button" type="submit">{{ _('Next') }}</button>
|
||||
<p class="bottom-text">
|
||||
{{ _("Don't know your organization URL?") }}
|
||||
<a target="_blank" href="/accounts/find/">{{ _("Find your organization.") }}</a>
|
||||
<a target="_blank" rel="noopener noreferrer" href="/accounts/find/">{{ _("Find your organization.") }}</a>
|
||||
</p>
|
||||
</div>
|
||||
</form>
|
||||
@@ -40,7 +40,7 @@
|
||||
</div>
|
||||
|
||||
<div class="bottom-text">
|
||||
{{ _("Need to get your group started on Zulip?") }} <a target="_blank" href="/new/">{{ _("Create a new organization.") }}</a>
|
||||
{{ _("Need to get your group started on Zulip?") }} <a target="_blank" rel="noopener noreferrer" href="/new/">{{ _("Create a new organization.") }}</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
@@ -217,7 +217,7 @@ Form is validated both client-side using jquery-validate (see signup.js) and ser
|
||||
<input id="id_terms" class="required" type="checkbox" name="terms"
|
||||
{% if form.terms.value() %}checked="checked"{% endif %} />
|
||||
<span></span>
|
||||
{% trans %}I agree to the <a href="{{ root_domain_uri }}/terms" target="_blank">Terms of Service</a>.{% endtrans %}
|
||||
{% trans %}I agree to the <a href="{{ root_domain_uri }}/terms" target="_blank" rel="noopener noreferrer">Terms of Service</a>.{% endtrans %}
|
||||
</label>
|
||||
{% if form.terms.errors %}
|
||||
{% for error in form.terms.errors %}
|
||||
|
||||
@@ -123,7 +123,7 @@
|
||||
<!-- Compiled using underscore -->
|
||||
<script type="text/template" id="contributors-template">
|
||||
<div class="person">
|
||||
<a href="https://github.com/<%= name %>" target="_blank" class="no-underline">
|
||||
<a href="https://github.com/<%= name %>" target="_blank" rel="noopener noreferrer" class="no-underline">
|
||||
<div class="avatar">
|
||||
<img class="avatar_img" src="<%= avatar %>" alt="{{ _('Avatar') }}" />
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user