diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-06-02 11:52:03 +0000 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-06-02 11:52:03 +0000 |
| commit | f9dd1402807a42eec2b56354b0c2a7778433c7f5 (patch) | |
| tree | 8433b584532cef10f6c8b03c1e0bb3bfe42b5ab0 | |
| parent | 0d475208ac99b818d4063f73289390c578302459 (diff) | |
| parent | 4a03bbe4831399381a45cde7fd19ecfb67895bd4 (diff) | |
| download | gitlab-ce-f9dd1402807a42eec2b56354b0c2a7778433c7f5.tar.gz | |
Merge branch 'add_noreferrer_to_all_links' into 'master'
Add nofollow to all external links
Fixes #1224
| -rw-r--r-- | app/helpers/application_helper.rb | 27 | ||||
| -rw-r--r-- | spec/helpers/application_helper_spec.rb | 23 |
2 files changed, 50 insertions, 0 deletions
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 5f07cdf448c..198ca76545c 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -231,4 +231,31 @@ module ApplicationHelper content_tag(:i, nil, class: 'icon-spinner icon-spin') + text end end + + def link_to(name = nil, options = nil, html_options = nil, &block) + begin + uri = URI(options) + host = uri.host + absolute_uri = uri.absolute? + rescue URI::InvalidURIError, ArgumentError + host = nil + absolute_uri = nil + end + + # Add "nofollow" only to external links + if host && host != Gitlab.config.gitlab.host && absolute_uri + if html_options + if html_options[:rel] + html_options[:rel] << " nofollow" + else + html_options.merge!(rel: "nofollow") + end + else + html_options = Hash.new + html_options[:rel] = "nofollow" + end + end + + super + end end diff --git a/spec/helpers/application_helper_spec.rb b/spec/helpers/application_helper_spec.rb index 0376e0aadf0..10c5617d245 100644 --- a/spec/helpers/application_helper_spec.rb +++ b/spec/helpers/application_helper_spec.rb @@ -195,4 +195,27 @@ describe ApplicationHelper do simple_sanitize(input).should == a_tag end end + + describe "link_to" do + + it "should not include rel=nofollow for internal links" do + expect(link_to("Home", root_path)).to eq("<a href=\"/\">Home</a>") + end + + it "should include rel=nofollow for external links" do + expect(link_to("Example", "http://www.example.com")).to eq("<a href=\"http://www.example.com\" rel=\"nofollow\">Example</a>") + end + + it "should include re=nofollow for external links and honor existing html_options" do + expect( + link_to("Example", "http://www.example.com", class: "toggle", data: {toggle: "dropdown"}) + ).to eq("<a class=\"toggle\" data-toggle=\"dropdown\" href=\"http://www.example.com\" rel=\"nofollow\">Example</a>") + end + + it "should include rel=nofollow for external links and preserver other rel values" do + expect( + link_to("Example", "http://www.example.com", rel: "noreferrer") + ).to eq("<a href=\"http://www.example.com\" rel=\"noreferrer nofollow\">Example</a>") + end + end end |