Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#28978] - [4.0] Install from web - link to developer site

?
avatar C-Lodder
C-Lodder
7 May 2020

Steps to reproduce the issue

  1. Go to administrator/index.php?option=com_installer
  2. Click on the "Install from Web" tab
  3. Click any extension
  4. Inspect the "Developer Wesbite" link element

Expected result

Element should be made safe with rel="noopener noreferrer"

Actual result

Unsafe link

Notes

If the DOM belongs to JED, then I'm happy to submit the bug on their repo.

cc'ing @anibalsanchez

avatar C-Lodder C-Lodder - open - 7 May 2020
avatar joomla-cms-bot joomla-cms-bot - change - 7 May 2020
Labels Added: ?
avatar joomla-cms-bot joomla-cms-bot - labeled - 7 May 2020
avatar anibalsanchez
anibalsanchez - comment - 7 May 2020

The IFW server is the service that generates the API responses that include the rendered output. It is currently managed by the core team.

The improvement should be implemented in this repo: https://github.com/joomla/install-from-web-server.

avatar alikon
alikon - comment - 8 May 2020

@C-Lodder can you have a look at joomla/install-from-web-server#50

avatar C-Lodder
C-Lodder - comment - 8 May 2020

@alikon looks ok to me. Should also be applied on the J3 file too.

avatar alikon
alikon - comment - 8 May 2020

sure right
done

avatar alikon alikon - change - 8 May 2020
Status New Closed
Closed_Date 0000-00-00 00:00:00 2020-05-08 10:40:45
Closed_By alikon
avatar alikon
alikon - comment - 8 May 2020

so i'm going to close this issue here,
please follow the ongoing at joomla/install-from-web-server#50

avatar alikon alikon - close - 8 May 2020

Add a Comment

Login with GitHub to post a comment