diff options
| author | Doge <[email protected]> | 2021-05-11 12:45:22 +0800 |
|---|---|---|
| committer | Doge <[email protected]> | 2021-05-11 12:45:22 +0800 |
| commit | 96814fc7dbd1c5c9770dc5563be2be0bc6422397 (patch) | |
| tree | 54ea432479a0cdd1d1424476701336309a2185a7 | |
| parent | 0aa17cb5729bf39df1cfddcd5520fd9f238cadbd (diff) | |
| download | chromate-96814fc7dbd1c5c9770dc5563be2be0bc6422397.tar.gz chromate-96814fc7dbd1c5c9770dc5563be2be0bc6422397.tar.bz2 chromate-96814fc7dbd1c5c9770dc5563be2be0bc6422397.zip | |
Enhancement for non-self link security
| -rw-r--r-- | layout/_partial/footer.ejs | 4 | ||||
| -rw-r--r-- | layout/_partial/head.ejs | 7 | ||||
| -rw-r--r-- | layout/_partial/header.ejs | 9 | ||||
| -rw-r--r-- | layout/_partial/scripts.ejs | 7 |
4 files changed, 14 insertions, 13 deletions
diff --git a/layout/_partial/footer.ejs b/layout/_partial/footer.ejs index 385522c..492ca72 100644 --- a/layout/_partial/footer.ejs +++ b/layout/_partial/footer.ejs @@ -4,9 +4,9 @@ Copyright © <%= date(Date.now(), 'YYYY' ) %> <%= config.title %> <%= theme.copyright %> </div> <div class="footer-power"> - <p>Powered by <a href="https://hexo.io" target="_blank">Hexo</a> + <p>Powered by <a href="https://hexo.io" rel="noopener noreferrer" target="_blank">Hexo</a> <i class="fa fa-heart has-text-danger"></i> - Theme <a href="https://github.com/guiqiqi/chromate">Chromate</a> + Theme <a href="https://github.com/guiqiqi/chromate" rel="noopener noreferrer" target="_blank">Chromate</a> </div> </div> </footer>
\ No newline at end of file diff --git a/layout/_partial/head.ejs b/layout/_partial/head.ejs index 4ad5938..86e2438 100644 --- a/layout/_partial/head.ejs +++ b/layout/_partial/head.ejs @@ -20,9 +20,6 @@ <!-- Scripts and styles --> <style>pre{background-color:none!important;padding:0%!important;}@media(prefers-color-scheme:dark){*{transition:backgourd-color .5s}.card{box-shadow:none!important;background-color:#121212!important}}@media screen and (max-width:1023px){.navbar-menu{box-shadow:0 8px 16px -8px rgb(10 10 10 / 10%)!important}.post-content{padding-top:0!important}.post-card{margin:0 0 0 0!important}}.post-podcast-player{padding-bottom:1.5rem}.post-card{margin:0 1rem 0rem 1rem}.navbar-brand .navbar-item:hover{background-color:inherit!important}.entry{margin-bottom:1.5rem!important;margin-top:1.5rem!important;transition:box-shadow .1s}.entry:hover{box-shadow:0 1em 2em -0.125em rgb(10 10 10 / 10%),0 0 0 1px rgb(10 10 10 / 2%)}.pagination-bar{padding-left:.25rem;padding-right:.25rem}.footer{padding:1rem 1rem 1rem;background-color:transparent}</style> - <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bulma/css/bulma.min.css"> - <link media="none" onload="media='all'" rel="stylesheet" href="https://unpkg.com/[email protected]/css/bulma-prefers-dark.min.css" /> - <noscript> - <link rel="stylesheet" href="https://unpkg.com/[email protected]/css/bulma-prefers-dark.min.css" /> - </noscript> + <link rel="preload" as="style" onload="this.rel='stylesheet'" href="https://cdn.jsdelivr.net/npm/bulma/css/bulma.min.css"> + <link media="(prefers-color-scheme: dark)" rel="stylesheet" href="https://cdn.jsdelivr.net/gh/jloh/bulma-prefers-dark/css/bulma-prefers-dark.min.css"> </head>
\ No newline at end of file diff --git a/layout/_partial/header.ejs b/layout/_partial/header.ejs index f9463f7..8ad3684 100644 --- a/layout/_partial/header.ejs +++ b/layout/_partial/header.ejs @@ -47,9 +47,12 @@ const favicon = mapping[1]; let outter = link.startsWith("https://") ? true : false; %> - <a class="icon" href="<%= link %>" target="<%= outter ? '_blank' : '_self' %>"> - <i class="<%= favicon %>"></i> - </a> + <% if (outter) { %> + <a class="icon" href="<%= link %>" target="_blank" rel="noopener noreferrer"> + <% } else { %> + <a class="icon" href="<%= link %>"> + <% } %> + <i class="<%= favicon %>"></i></a> <% } %> </ul> </p> diff --git a/layout/_partial/scripts.ejs b/layout/_partial/scripts.ejs index 9f1a769..63975f4 100644 --- a/layout/_partial/scripts.ejs +++ b/layout/_partial/scripts.ejs @@ -33,11 +33,12 @@ </script> <% } %> -<!-- Font Awesome delay loading --> -<link media="none" onload="media='all'" rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/css/font-awesome.min.css"> - <!-- Shikwasa Player support --> <% if (is_post() && theme.podcast && page.podcast) { %> <script defer src="https://cdn.jsdelivr.net/npm/shikwasa/dist/shikwasa.min.js"></script> <link media="none" onload="media='all'" rel="stylesheet" href="https://cdn.jsdelivr.net/npm/shikwasa/dist/shikwasa.min.css"> <% } %> + +<!-- Font Awesome delay loading --> +<link rel="preload" as="style" onload="this.rel='stylesheet'" rel="stylesheet" + href="https://cdn.jsdelivr.net/npm/[email protected]/css/font-awesome.min.css"> |