paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-02 21:13:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3819a376b5268319b60dc5a9097865e7dd4cd1b7
zulip/static/templates/admin_invites_list.hbs
Tim Abbott 6d0c39fd7e CVE-2020-14194: Use noopener/noreferrer for external links. 
We fixed the main issue of this form in CVE-2020-9444, but the audit
done at that time only included links found in rendered_markdown; this
change completes our audit for links with target=_blank anywhere in
the codebase.
2020-06-16 23:16:05 -07:00

35 lines
962 B
Handlebars
Raw Blame History

{{#with invite}}
<tr class="invite_row">
<td>
{{#if is_multiuse}}
<span class="email">
<a href="{{link_url}}" target="_blank" rel="noopener noreferrer">
{{t 'Invite link'}}
</a>
</span>
{{else}}
<span class="email">{{email}}</span>
{{/if}}
</td>
<td>
<span class="referred_by">{{ref}}</span>
</td>
<td>
<span class="invited_at">{{invited_absolute_time}}</span>
</td>
<td>
<span>{{invited_as_text}}</span>
</td>
<td class="actions">
<button class="button rounded small revoke btn-danger" data-invite-id="{{id}}" data-is-multiuse="{{is_multiuse}}">
{{t "Revoke" }}
</button>
{{#unless is_multiuse}}
<button class="button rounded small resend btn-warning" data-invite-id="{{id}}">
{{t "Resend" }}
</button>
{{/unless}}
</td>
</tr>
{{/with}}
Reference in New Issue View Git Blame Copy Permalink