Merge pull request #2259 from bookwyrm-social/links

Improves rel attrs on links that open on new tabs
This commit is contained in:
Mouse Reeve 2022-08-05 11:28:04 -07:00 committed by GitHub
commit 1518dbba86
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
23 changed files with 100 additions and 33 deletions

View file

@ -23,7 +23,9 @@
<p class="subtitle notification has-background-primary-highlight">
{% blocktrans trimmed with site_name=site.name %}
{{ site_name }} is part of <em>BookWyrm</em>, a network of independent, self-directed communities for readers.
While you can interact seamlessly with users anywhere in the <a href="https://joinbookwyrm.com/instances/" target="_blank">BookWyrm network</a>, this community is unique.
While you can interact seamlessly with users anywhere in the
<a href="https://joinbookwyrm.com/instances/" target="_blank" rel="nofollow noopener noreferrer">BookWyrm network</a>,
this community is unique.
{% endblocktrans %}
</p>
</div>
@ -88,7 +90,10 @@
</div>
<p>
{% trans "Track your reading, talk about books, write reviews, and discover what to read next. Always ad-free, anti-corporate, and community-oriented, BookWyrm is human-scale software, designed to stay small and personal. If you have feature requests, bug reports, or grand dreams, <a href='https://joinbookwyrm.com/get-involved' target='_blank'>reach out</a> and make yourself heard." %}
{% blocktrans trimmed %}
Track your reading, talk about books, write reviews, and discover what to read next. Always ad-free, anti-corporate, and community-oriented, BookWyrm is human-scale software, designed to stay small and personal.
If you have feature requests, bug reports, or grand dreams, <a href="https://joinbookwyrm.com/get-involved" target="_blank" rel="nofollow noopener noreferrer">reach out</a> and make yourself heard.
{% endblocktrans %}
</p>
</section>

View file

@ -66,7 +66,7 @@
<div class="box">
{% if author.wikipedia_link %}
<div>
<a itemprop="sameAs" href="{{ author.wikipedia_link }}" rel="noopener noreferrer" target="_blank">
<a itemprop="sameAs" href="{{ author.wikipedia_link }}" rel="nofollow noopener noreferrer" target="_blank">
{% trans "Wikipedia" %}
</a>
</div>
@ -74,7 +74,7 @@
{% if author.isni %}
<div class="mt-1">
<a itemprop="sameAs" href="{{ author.isni_link }}" rel="noopener noreferrer" target="_blank">
<a itemprop="sameAs" href="{{ author.isni_link }}" rel="nofollow noopener noreferrer" target="_blank">
{% trans "View ISNI record" %}
</a>
</div>
@ -83,7 +83,7 @@
{% trans "Load data" as button_text %}
{% if author.openlibrary_key %}
<div class="mt-1 is-flex">
<a class="mr-3" itemprop="sameAs" href="{{ author.openlibrary_link }}" target="_blank" rel="noopener noreferrer">
<a class="mr-3" itemprop="sameAs" href="{{ author.openlibrary_link }}" target="_blank" rel="nofollow noopener noreferrer">
{% trans "View on OpenLibrary" %}
</a>
{% if request.user.is_authenticated and perms.bookwyrm.edit_book %}
@ -98,7 +98,7 @@
{% if author.inventaire_id %}
<div class="mt-1 is-flex">
<a class="mr-3" itemprop="sameAs" href="{{ author.inventaire_link }}" target="_blank" rel="noopener noreferrer">
<a class="mr-3" itemprop="sameAs" href="{{ author.inventaire_link }}" target="_blank" rel="nofollow noopener noreferrer">
{% trans "View on Inventaire" %}
</a>
@ -114,7 +114,7 @@
{% if author.librarything_key %}
<div class="mt-1">
<a itemprop="sameAs" href="https://www.librarything.com/author/{{ author.librarything_key }}" target="_blank" rel="noopener noreferrer">
<a itemprop="sameAs" href="https://www.librarything.com/author/{{ author.librarything_key }}" target="_blank" rel="nofollow noopener noreferrer">
{% trans "View on LibraryThing" %}
</a>
</div>
@ -122,7 +122,7 @@
{% if author.goodreads_key %}
<div>
<a itemprop="sameAs" href="https://www.goodreads.com/author/show/{{ author.goodreads_key }}" target="_blank" rel="noopener noreferrer">
<a itemprop="sameAs" href="https://www.goodreads.com/author/show/{{ author.goodreads_key }}" target="_blank" rel="nofollow noopener noreferrer">
{% trans "View on Goodreads" %}
</a>
</div>

View file

@ -131,7 +131,7 @@
{% trans "Load data" as button_text %}
{% if book.openlibrary_key %}
<p>
<a href="{{ book.openlibrary_link }}" target="_blank" rel="noopener noreferrer">
<a href="{{ book.openlibrary_link }}" target="_blank" rel="nofollow noopener noreferrer">
{% trans "View on OpenLibrary" %}
</a>
{% if request.user.is_authenticated and perms.bookwyrm.edit_book %}
@ -145,7 +145,7 @@
{% endif %}
{% if book.inventaire_id %}
<p>
<a href="{{ book.inventaire_link }}" target="_blank" rel="noopener noreferrer">
<a href="{{ book.inventaire_link }}" target="_blank" rel="nofollow noopener noreferrer">
{% trans "View on Inventaire" %}
</a>

View file

@ -78,9 +78,13 @@
<p class="help ml-5 mb-2">
{% with book_title=match.book_set.first.title alt_title=match.bio %}
{% if book_title %}
<a href="{{ match.local_path }}" target="_blank">{% trans "Author of " %}<em>{{ book_title }}</em></a>
{% else %}
<a href="{{ match.id }}" target="_blank">{% if alt_title %}{% trans "Author of " %}<em>{{ alt_title }}</em>{% else %} {% trans "Find more information at isni.org" %}{% endif %}</a>
<a href="{{ match.local_path }}" target="_blank" rel="nofollow noopener noreferrer">{% blocktrans trimmed %}
Author of <em>{{ book_title }}</em>
{% endblocktrans %}</a>
{% else %}
<a href="{{ match.id }}" target="_blank" rel="nofollow noopener noreferrer">{% if alt_title %}{% blocktrans trimmed %}
Author of <em>{{ alt_title }}</em>
{% endblocktrans %}{% else %}{% trans "Find more information at isni.org" %}{% endif %}</a>
{% endif %}
{% endwith %}
</p>

View file

@ -39,7 +39,7 @@
{% for link in links %}
<tr>
<td class="overflow-wrap-anywhere">
<a href="{{ link.url }}" target="_blank" rel="noopener noreferrer">{{ link.url }}</a>
<a href="{{ link.url }}" target="_blank" rel="nofollow noopener noreferrer">{{ link.url }}</a>
</td>
<td>
{% if link.added_by %}

View file

@ -28,7 +28,7 @@
{% for link in links.all %}
{% join "verify" link.id as verify_modal %}
<li>
<a href="{{ link.url }}" rel="noopener noreferrer" target="_blank" title="{{ link.url }}" data-modal-open="{{ verify_modal }}">{{ link.name }}</a>
<a href="{{ link.url }}" rel="nofollow noopener noreferrer" target="_blank" title="{{ link.url }}" data-modal-open="{{ verify_modal }}">{{ link.name }}</a>
({{ link.filetype }})
{% if link.availability != "free" %}

View file

@ -23,7 +23,7 @@ Is that where you'd like to go?
</div>
<button type="button" class="button" data-modal-close>{% trans "Cancel" %}</button>
<a href="{{ link.url }}" target="_blank" rel="noopener noreferrer" class="button is-primary">{% trans "Continue" %}</a>
<a href="{{ link.url }}" target="_blank" rel="nofollow noopener noreferrer" noreferrer" class="button is-primary">{% trans "Continue" %}</a>
{% endif %}
{% endblock %}

View file

@ -39,7 +39,11 @@
</div>
<p class="help" id="desc_source">
{% trans 'You can download your Goodreads data from the <a href="https://www.goodreads.com/review/import" target="_blank" rel="noopener noreferrer">Import/Export page</a> of your Goodreads account.' %}
{% blocktrans trimmed %}
You can download your Goodreads data from the
<a href="https://www.goodreads.com/review/import" target="_blank" rel="nofollow noopener noreferrer">Import/Export page</a>
of your Goodreads account.
{% endblocktrans %}
</p>
</div>

View file

@ -169,7 +169,7 @@
<p>{{ item.review|truncatechars:100 }}</p>
{% endif %}
{% if item.linked_review %}
<a href="{{ item.linked_review.remote_id }}" target="_blank">{% trans "View imported review" %}</a>
<a href="{{ item.linked_review.remote_id }}" target="_blank" rel="nofollow noopener noreferrer">{% trans "View imported review" %}</a>
{% endif %}
</td>
{% block import_cols %}

View file

@ -42,7 +42,7 @@
<div class="columns is-mobile">
{% with guess=item.book_guess %}
<div class="column is-narrow">
<a href="{{ item.book.local_path }}" target="_blank">
<a href="{{ item.book.local_path }}" target="_blank" rel="nofollow noopener noreferrer">
{% include 'snippets/book_cover.html' with book=guess cover_class='is-h-s' size='small' %}
</a>
</div>

View file

@ -200,11 +200,17 @@
{% if site.support_link %}
<p>
<span class="icon icon-heart"></span>
{% blocktrans with site_name=site.name support_link=site.support_link support_title=site.support_title %}Support {{ site_name }} on <a href="{{ support_link }}" target="_blank">{{ support_title }}</a>{% endblocktrans %}
{% blocktrans trimmed with site_name=site.name support_link=site.support_link support_title=site.support_title %}
Support {{ site_name }} on
<a href="{{ support_link }}" target="_blank" rel="nofollow noopener noreferrer">{{ support_title }}</a>
{% endblocktrans %}
</p>
{% endif %}
<p>
{% blocktrans %}BookWyrm's source code is freely available. You can contribute or report issues on <a href="https://github.com/mouse-reeve/bookwyrm">GitHub</a>.{% endblocktrans %}
{% blocktrans trimmed %}
BookWyrm's source code is freely available. You can contribute or report issues on
<a href="https://github.com/bookwyrm-social/bookwyrm" target="_blank" rel="nofollow noopener noreferrer">GitHub</a>.
{% endblocktrans %}
</p>
</div>
{% if site.footer_item %}

View file

@ -4,7 +4,14 @@
<div class="field mb-0">
<div class="control">
<a class="button is-small is-link" href="{% url 'remote-follow-page' %}?user={{ user.username }}" target="_blank" rel="noopener noreferrer" onclick="BookWyrm.displayPopUp(`{% url 'remote-follow-page' %}?user={{ user.username }}`, `remoteFollow`); return false;" aria-describedby="remote_follow_warning">
<a
class="button is-small is-link"
href="{% url 'remote-follow-page' %}?user={{ user.username }}"
target="_blank"
rel="nofollow noopener noreferrer"
onclick="BookWyrm.displayPopUp(`{% url 'remote-follow-page' %}?user={{ user.username }}`, `remoteFollow`); return false;"
aria-describedby="remote_follow_warning"
>
{% blocktrans with username=user.localname %}Follow on Fediverse{% endblocktrans %}
</a>
</div>

View file

@ -42,7 +42,11 @@
<summary class="is-flex is-align-items-center is-flex-wrap-wrap is-gap-2 remote-book-search-result" id="tour-remote-search-result">
<span class="mb-0 title is-5">
{% trans 'Results from' %}
<a href="{{ result_set.connector.base_url }}" target="_blank">{{ result_set.connector.name|default:result_set.connector.identifier }}</a>
<a
href="{{ result_set.connector.base_url }}"
target="_blank"
rel="nofollow noopener noreferrer"
>{{ result_set.connector.name|default:result_set.connector.identifier }}</a>
</span>
<span class="details-close icon icon-x" aria-hidden="true"></span>
@ -63,7 +67,7 @@
<strong>
<a
href="{{ result.view_link|default:result.key }}"
rel="noopener noreferrer"
rel="nofollow noopener noreferrer"
target="_blank"
>{{ result.title }}</a>
</strong>

View file

@ -59,7 +59,9 @@
<div class="field">
<label class="label" for="id_file">JSON data:</label>
<aside class="help">
Expects a json file in the format provided by <a href="https://fediblock.org/" target="_blank" rel="noopener noreferrer">FediBlock</a>, with a list of entries that have <code>instance</code> and <code>url</code> fields. For example:
{% blocktrans trimmed %}
Expects a json file in the format provided by <a href="https://fediblock.org/" target="_blank" rel="nofollow noopener noreferrer">FediBlock</a>, with a list of entries that have <code>instance</code> and <code>url</code> fields. For example:
{% endblocktrans %}
<pre>
[
{

View file

@ -36,7 +36,7 @@
<header class="column">
<h2 class="title is-5">
{{ domain.name }}
(<a href="http://{{ domain.domain }}" target="_blank" rel="noopener noreferrer">{{ domain.domain }}</a>)
(<a href="http://{{ domain.domain }}" target="_blank" rel="nofollow noopener noreferrer">{{ domain.domain }}</a>)
</h2>
</header>
<div class="column is-narrow">

View file

@ -12,7 +12,7 @@
{% for link in links %}
<tr>
<td class="overflow-wrap-anywhere">
<a href="{{ link.url }}" target="_blank" rel="noopener noreferrer">{{ link.url }}</a>
<a href="{{ link.url }}" target="_blank" rel="nofollow noopener noreferrer">{{ link.url }}</a>
</td>
<td>
{% if link.added_by %}

View file

@ -51,7 +51,7 @@
{% trans "Once the instance is set up, you can promote other users to moderator or admin roles from the admin panel." %}
</p>
<p>
<a href="https://docs.joinbookwyrm.com/moderation.html" target="_blank">
<a href="https://docs.joinbookwyrm.com/moderation.html" target="_blank" rel="nofollow noopener noreferrer">
{% trans "Learn more about moderation" %}
</a>
</p>

View file

@ -144,7 +144,7 @@
{% blocktrans trimmed %}
You can change your instance settings in the <code>.env</code> file on your server.
{% endblocktrans %}
<a href="https://docs.joinbookwyrm.com/install-prod.html" target="_blank">
<a href="https://docs.joinbookwyrm.com/install-prod.html" target="_blank" rel="nofollow noopener noreferrer">
{% trans "View installation instructions" %}
</a>
</p>

View file

@ -9,13 +9,17 @@
<div class="container">
<div class="navbar-brand is-flex-grow-1">
<span class="navbar-item" href="/">
<img class="image logo" src="{% if site.logo_small %}{% get_media_prefix %}{{ site.logo_small }}{% else %}{% static "images/logo-small.png" %}{% endif %}" alt="{% blocktrans with site_name=site.name %}{{ site_name }} home page{% endblocktrans %}">
<img
class="image logo"
src="{% if site.logo_small %}{% get_media_prefix %}{{ site.logo_small }}{% else %}{% static "images/logo-small.png" %}{% endif %}"
alt="{% blocktrans with site_name=site.name %}{{ site_name }} home page{% endblocktrans %}"
>
</span>
<div class="navbar-item is-align-items-start pt-5 is-flex-grow-1">
{% trans "Installing BookWyrm" %}
</div>
<div class="navbar-item is-align-items-start pt-5">
<a href="https://joinbookwyrm.com/get-involved/#dev-chat" target="_blank">{% trans "Need help?" %}</a>
<a href="https://joinbookwyrm.com/get-involved/#dev-chat" target="_blank" rel="nofollow noopener noreferrer">{% trans "Need help?" %}</a>
</div>
</div>
</div>

View file

@ -123,6 +123,7 @@
<a
href="{% get_media_prefix %}{{ attachment.image }}"
target="_blank"
rel="nofollow noopener noreferrer"
aria-label="{% trans 'Open image in new window' %}"
>
<img

View file

@ -65,7 +65,7 @@
<div class="columns is-mobile">
<h2 class="title column">{% trans "User Activity" %}</h2>
<div class="column is-narrow">
<a target="_blank" href="{{ user.local_path }}/rss">
<a target="_blank" href="{{ user.local_path }}/rss" rel="nofollow noopener noreferrer">
<span class="icon icon-rss" aria-hidden="true"></span>
<span class="is-hidden-mobile">{% trans "RSS feed" %}</span>
</a>

View file

@ -1,4 +1,5 @@
""" html validation on rendered templates """
from html.parser import HTMLParser
from tidylib import tidy_document
@ -23,3 +24,32 @@ def validate_html(html):
)
if errors:
raise Exception(errors)
validator = HtmlValidator()
# will raise exceptions
validator.feed(str(html.content))
class HtmlValidator(HTMLParser): # pylint: disable=abstract-method
"""Checks for custom html validation requirements"""
def __init__(self):
HTMLParser.__init__(self)
def handle_starttag(self, tag, attrs):
"""check if the tag is valid"""
# filter out everything besides links that open in new tabs
if tag != "a" or ("target", "_blank") not in attrs:
return
for attr, value in attrs:
if (
attr == "rel"
and "nofollow" in value
and "noopener" in value
and "noreferrer" in value
):
return
raise Exception(
'Links to a new tab must have rel="nofollow noopener noreferrer"'
)

View file

@ -13,7 +13,7 @@ from bookwyrm.tests.validate_html import validate_html
class LandingViews(TestCase):
"""pages you land on without really trying"""
def setUp(self):
def setUp(self): # pylint: disable=invalid-name
"""we need basic test data and mocks"""
self.factory = RequestFactory()
with patch("bookwyrm.suggested_users.rerank_suggestions_task.delay"), patch(