mirror of
https://github.com/bytedance/deer-flow.git
synced 2026-04-25 11:18:22 +00:00
fix(frontend): add missing rel="noopener noreferrer" to target="_blank" links (#1741)
* fix(frontend): add missing rel="noopener noreferrer" to target="_blank" links Prevent tabnabbing attacks and referrer leakage by ensuring all external links with target="_blank" include both noopener and noreferrer in the rel attribute. Made-with: Cursor * style: fix code formatting
This commit is contained in:
yangzheli
GitHub
parent
f56d0b4869
commit
636053fb6d
@ -253,7 +253,7 @@ export const OpenInChatGPT = (props: OpenInChatGPTProps) => {
|
|||||||
<a
|
<a
|
||||||
className="flex items-center gap-2"
|
className="flex items-center gap-2"
|
||||||
href={providers.chatgpt.createUrl(query)}
|
href={providers.chatgpt.createUrl(query)}
|
||||||
rel="noopener"
|
rel="noopener noreferrer"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
>
|
>
|
||||||
<span className="shrink-0">{providers.chatgpt.icon}</span>
|
<span className="shrink-0">{providers.chatgpt.icon}</span>
|
||||||
@ -273,7 +273,7 @@ export const OpenInClaude = (props: OpenInClaudeProps) => {
|
|||||||
<a
|
<a
|
||||||
className="flex items-center gap-2"
|
className="flex items-center gap-2"
|
||||||
href={providers.claude.createUrl(query)}
|
href={providers.claude.createUrl(query)}
|
||||||
rel="noopener"
|
rel="noopener noreferrer"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
>
|
>
|
||||||
<span className="shrink-0">{providers.claude.icon}</span>
|
<span className="shrink-0">{providers.claude.icon}</span>
|
||||||
@ -293,7 +293,7 @@ export const OpenInT3 = (props: OpenInT3Props) => {
|
|||||||
<a
|
<a
|
||||||
className="flex items-center gap-2"
|
className="flex items-center gap-2"
|
||||||
href={providers.t3.createUrl(query)}
|
href={providers.t3.createUrl(query)}
|
||||||
rel="noopener"
|
rel="noopener noreferrer"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
>
|
>
|
||||||
<span className="shrink-0">{providers.t3.icon}</span>
|
<span className="shrink-0">{providers.t3.icon}</span>
|
||||||
@ -313,7 +313,7 @@ export const OpenInScira = (props: OpenInSciraProps) => {
|
|||||||
<a
|
<a
|
||||||
className="flex items-center gap-2"
|
className="flex items-center gap-2"
|
||||||
href={providers.scira.createUrl(query)}
|
href={providers.scira.createUrl(query)}
|
||||||
rel="noopener"
|
rel="noopener noreferrer"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
>
|
>
|
||||||
<span className="shrink-0">{providers.scira.icon}</span>
|
<span className="shrink-0">{providers.scira.icon}</span>
|
||||||
@ -333,7 +333,7 @@ export const OpenInv0 = (props: OpenInv0Props) => {
|
|||||||
<a
|
<a
|
||||||
className="flex items-center gap-2"
|
className="flex items-center gap-2"
|
||||||
href={providers.v0.createUrl(query)}
|
href={providers.v0.createUrl(query)}
|
||||||
rel="noopener"
|
rel="noopener noreferrer"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
>
|
>
|
||||||
<span className="shrink-0">{providers.v0.icon}</span>
|
<span className="shrink-0">{providers.v0.icon}</span>
|
||||||
@ -353,7 +353,7 @@ export const OpenInCursor = (props: OpenInCursorProps) => {
|
|||||||
<a
|
<a
|
||||||
className="flex items-center gap-2"
|
className="flex items-center gap-2"
|
||||||
href={providers.cursor.createUrl(query)}
|
href={providers.cursor.createUrl(query)}
|
||||||
rel="noopener"
|
rel="noopener noreferrer"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
>
|
>
|
||||||
<span className="shrink-0">{providers.cursor.icon}</span>
|
<span className="shrink-0">{providers.cursor.icon}</span>
|
||||||
|
|||||||
@ -63,7 +63,7 @@ export const Source = ({ href, title, children, ...props }: SourceProps) => (
|
|||||||
<a
|
<a
|
||||||
className="flex items-center gap-2"
|
className="flex items-center gap-2"
|
||||||
href={href}
|
href={href}
|
||||||
rel="noreferrer"
|
rel="noopener noreferrer"
|
||||||
target="_blank"
|
target="_blank"
|
||||||
{...props}
|
{...props}
|
||||||
>
|
>
|
||||||
|
|||||||
@ -8,7 +8,11 @@ export function Header() {
|
|||||||
return (
|
return (
|
||||||
<header className="container-md fixed top-0 right-0 left-0 z-20 mx-auto flex h-16 items-center justify-between backdrop-blur-xs">
|
<header className="container-md fixed top-0 right-0 left-0 z-20 mx-auto flex h-16 items-center justify-between backdrop-blur-xs">
|
||||||
<div className="flex items-center gap-2">
|
<div className="flex items-center gap-2">
|
||||||
<a href="https://github.com/bytedance/deer-flow" target="_blank">
|
<a
|
||||||
|
href="https://github.com/bytedance/deer-flow"
|
||||||
|
target="_blank"
|
||||||
|
rel="noopener noreferrer"
|
||||||
|
>
|
||||||
<h1 className="font-serif text-xl">DeerFlow</h1>
|
<h1 className="font-serif text-xl">DeerFlow</h1>
|
||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
@ -26,7 +30,11 @@ export function Header() {
|
|||||||
asChild
|
asChild
|
||||||
className="group relative z-10"
|
className="group relative z-10"
|
||||||
>
|
>
|
||||||
<a href="https://github.com/bytedance/deer-flow" target="_blank">
|
<a
|
||||||
|
href="https://github.com/bytedance/deer-flow"
|
||||||
|
target="_blank"
|
||||||
|
rel="noopener noreferrer"
|
||||||
|
>
|
||||||
<GitHubLogoIcon className="size-4" />
|
<GitHubLogoIcon className="size-4" />
|
||||||
Star on GitHub
|
Star on GitHub
|
||||||
{env.NEXT_PUBLIC_STATIC_WEBSITE_ONLY === "true" &&
|
{env.NEXT_PUBLIC_STATIC_WEBSITE_ONLY === "true" &&
|
||||||
|
|||||||
@ -57,6 +57,7 @@ export function CaseStudySection({ className }: { className?: string }) {
|
|||||||
key={caseStudy.title}
|
key={caseStudy.title}
|
||||||
href={pathOfThread(caseStudy.threadId) + "?mock=true"}
|
href={pathOfThread(caseStudy.threadId) + "?mock=true"}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener noreferrer"
|
||||||
>
|
>
|
||||||
<Card className="group/card relative h-64 overflow-hidden">
|
<Card className="group/card relative h-64 overflow-hidden">
|
||||||
<div
|
<div
|
||||||
|
|||||||
@ -20,7 +20,11 @@ export function CommunitySection() {
|
|||||||
>
|
>
|
||||||
<div className="flex justify-center">
|
<div className="flex justify-center">
|
||||||
<Button className="text-xl" size="lg" asChild>
|
<Button className="text-xl" size="lg" asChild>
|
||||||
<Link href="https://github.com/bytedance/deer-flow" target="_blank">
|
<Link
|
||||||
|
href="https://github.com/bytedance/deer-flow"
|
||||||
|
target="_blank"
|
||||||
|
rel="noopener noreferrer"
|
||||||
|
>
|
||||||
<GitHubLogoIcon />
|
<GitHubLogoIcon />
|
||||||
Contribute Now
|
Contribute Now
|
||||||
</Link>
|
</Link>
|
||||||
|
|||||||
@ -188,7 +188,11 @@ export function ArtifactFileDetail({
|
|||||||
</Tooltip>
|
</Tooltip>
|
||||||
)}
|
)}
|
||||||
{!isWriteFile && (
|
{!isWriteFile && (
|
||||||
<a href={urlOfArtifact({ filepath, threadId })} target="_blank">
|
<a
|
||||||
|
href={urlOfArtifact({ filepath, threadId })}
|
||||||
|
target="_blank"
|
||||||
|
rel="noopener noreferrer"
|
||||||
|
>
|
||||||
<ArtifactAction
|
<ArtifactAction
|
||||||
icon={SquareArrowOutUpRightIcon}
|
icon={SquareArrowOutUpRightIcon}
|
||||||
label={t.common.openInNewWindow}
|
label={t.common.openInNewWindow}
|
||||||
@ -217,6 +221,7 @@ export function ArtifactFileDetail({
|
|||||||
<a
|
<a
|
||||||
href={urlOfArtifact({ filepath, threadId, download: true })}
|
href={urlOfArtifact({ filepath, threadId, download: true })}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener noreferrer"
|
||||||
>
|
>
|
||||||
<ArtifactAction
|
<ArtifactAction
|
||||||
icon={DownloadIcon}
|
icon={DownloadIcon}
|
||||||
|
|||||||
@ -111,6 +111,7 @@ export function ArtifactFileList({
|
|||||||
download: true,
|
download: true,
|
||||||
})}
|
})}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
|
rel="noopener noreferrer"
|
||||||
onClick={(e) => e.stopPropagation()}
|
onClick={(e) => e.stopPropagation()}
|
||||||
>
|
>
|
||||||
<Button variant="ghost">
|
<Button variant="ghost">
|
||||||
|
|||||||
@ -215,7 +215,7 @@ function ToolCall({
|
|||||||
<ChainOfThoughtSearchResults>
|
<ChainOfThoughtSearchResults>
|
||||||
{result.map((item) => (
|
{result.map((item) => (
|
||||||
<ChainOfThoughtSearchResult key={item.url}>
|
<ChainOfThoughtSearchResult key={item.url}>
|
||||||
<a href={item.url} target="_blank" rel="noreferrer">
|
<a href={item.url} target="_blank" rel="noopener noreferrer">
|
||||||
{item.title}
|
{item.title}
|
||||||
</a>
|
</a>
|
||||||
</ChainOfThoughtSearchResult>
|
</ChainOfThoughtSearchResult>
|
||||||
@ -250,7 +250,7 @@ function ToolCall({
|
|||||||
className="size-24 overflow-hidden rounded-lg object-cover"
|
className="size-24 overflow-hidden rounded-lg object-cover"
|
||||||
href={item.source_url}
|
href={item.source_url}
|
||||||
target="_blank"
|
target="_blank"
|
||||||
rel="noreferrer"
|
rel="noopener noreferrer"
|
||||||
>
|
>
|
||||||
<div className="bg-accent size-24">
|
<div className="bg-accent size-24">
|
||||||
<img
|
<img
|
||||||
@ -289,7 +289,7 @@ function ToolCall({
|
|||||||
>
|
>
|
||||||
<ChainOfThoughtSearchResult>
|
<ChainOfThoughtSearchResult>
|
||||||
{url && (
|
{url && (
|
||||||
<a href={url} target="_blank" rel="noreferrer">
|
<a href={url} target="_blank" rel="noopener noreferrer">
|
||||||
{title}
|
{title}
|
||||||
</a>
|
</a>
|
||||||
)}
|
)}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user