Bug fix (Security Vulnerability) #2235
Utkarsh-123github merged 4 commits into json-schema-org:main from
|
Hi @Adityakk9031! Thanks a lot for your contribution! I noticed that the following required information is missing or incomplete: kind of change description, completed checklist items. Please update the PR description to include this information. You can find placeholders in the PR template for these items. Thanks a lot!
|
OK, I will fix the error later tomorrow
|
Codecov Report
✅ All modified and coverable lines are covered by tests.
@@ Coverage Diff @@
##            main    #2235   +/- ##
=========================================
  Coverage  100.00%  100.00%
=========================================
  Files          30       30
  Lines         660      663    +3
  Branches      202      205    +3
=========================================
+ Hits          660      663    +3
|
Hi @Adityakk9031! Thanks a lot for your contribution! I noticed that the following required information is missing or incomplete: completed checklist items. Please update the PR description to include this information. You can find placeholders in the PR template for these items. Thanks a lot!
|
@jagpreetrahi hey, please have a look
|
Hi @Utkarsh-123github, thanks for catching that! In my previous commit, I accidentally removed the {bowtieData ? ... : } ternary logic in the mobile table section and replaced it with just the tag. This would have broken the fallback — tools without Bowtie data would render a broken link instead of the info icon. I've fixed this in my latest commit. The changes are now minimal and purely security-focused:
Fixed target='blank' → target='_blank' (typo in original code)
|
@jagpreetrahi please merge this PR and this one, #2236
|
LGTM 🚀
What kind of change does this PR introduce?
Bug fix – security hardening for external links by ensuring safe usage of target="_blank" with rel="noopener noreferrer" in tooling components.
Issue Number
Closes #2227
Screenshots / Videos
N/A – this is a code-level security fix with no visual changes expected.
Summary
This PR addresses the security vulnerability described in #2227 by adding rel="noopener noreferrer" to all external links in ToolingTable.tsx and ToolingDetailModal.tsx. It also corrects incorrect usages of target="blank" to the standard target="_blank" so that external links open in a new tab while following security best practices.
Changes
rel="noopener noreferrer" to external <a> tags rendered in ToolingTable.tsx.
rel="noopener noreferrer" to external <a> tags rendered in ToolingDetailModal.tsx.
target="blank" with the correct target="_blank" value on external links.
Does this PR introduce a breaking change?
No.
Documentation Updates
N/A.
Checklist
Please ensure the following tasks are completed before submitting this pull request.
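
An added example, not code from this PR or from the json-schema-org repository: a small JavaScript check that flags the two patterns the description above covers, a target="blank" typo and a new-tab link with no rel="noopener" or rel="noreferrer". The function names, the sample markup and the `tool.*` properties are assumptions made for illustration.

```javascript
// Added example: audit <a> opening tags in JSX/HTML source text.
// Limitation: regex-based; a tag whose attributes contain ">" is not parsed.

// Return the quoted value of attribute `name` in an opening tag, or null.
function attr(tag, name) {
  const re = new RegExp(`\\s${name}\\s*=\\s*\\{?\\s*(["'])(.*?)\\1`, 'i');
  const m = tag.match(re);
  return m ? m[2] : null;
}

function auditAnchors(source) {
  const findings = [];
  const tagRe = /<a\s[^>]*>/gi;
  let m;
  while ((m = tagRe.exec(source)) !== null) {
    const tag = m[0];
    const line = source.slice(0, m.index).split('\n').length;
    const target = attr(tag, 'target');
    if (target === null) continue; // same-tab link, nothing to check
    const t = target.toLowerCase();
    // "blank" is a window *name*, not the _blank keyword.
    if (t === 'blank') findings.push({ line, issue: 'target-typo', tag });
    // Either token severs window.opener; noreferrer implies noopener.
    const rel = (attr(tag, 'rel') || '').toLowerCase().split(/\s+/);
    const safe = rel.includes('noopener') || rel.includes('noreferrer');
    if ((t === '_blank' || t === 'blank') && !safe) {
      findings.push({ line, issue: 'missing-noopener', tag });
    }
  }
  return findings;
}

// Constructed sample markup; `tool.*` names are hypothetical.
const SAMPLE = `
<a href={tool.source} target='blank'>Source</a>
<a href={tool.homepage} target='_blank'>Homepage</a>
<a href={tool.docs} target='_blank' rel='noopener noreferrer'>Docs</a>
<a href='/tools'>Internal</a>
`;

for (const f of auditAnchors(SAMPLE)) {
  console.log(`line ${f.line}: ${f.issue}: ${f.tag}`);
}
```

A check like this can run in CI over the component sources so that a later edit dropping the rel attribute is caught before merge.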