WordPress/wp-admin
davidbaumwald 2e249395de Comments: Add `noopener noreferrer` to author links in list table.
When viewing the listing of all comments, author links previously passed referrer information to untrusted URLs.  This change adds `noreferrer` to each author link, as well as `noopener` to prevent the passing of information about the parent window.

Props cybr, adam3128, erayalakese, andraganescu, audrasjb, joedolson, sabernhardt. 
Fixes #40916.
Built from https://develop.svn.wordpress.org/trunk@52007


git-svn-id: http://core.svn.wordpress.org/trunk@51596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 20:02:02 +00:00
..
css Customizer: Make range controls full width. 2021-11-02 23:19:59 +00:00
images Help/About: Update the About section for 5.8. 2021-07-06 18:38:57 +00:00
includes Comments: Add `noopener noreferrer` to author links in list table. 2021-11-03 20:02:02 +00:00
js External Libraries: Update the Iris color picker to version 1.1.1. 2021-11-03 19:40:00 +00:00
maint Database: Check the correct value for displaying the "Successfully repaired table" or "Failed to repair" messages on Database Repair screen. 2020-12-04 15:50:12 +00:00
network Networks and Sites: Replace two remaining occurrences of "blog" with "site" in user-facing strings. 2021-07-28 10:02:00 +00:00
user Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
about.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
admin-ajax.php Login and Registration: Improve the UX of the Reset Password screen. 2021-02-02 18:13:04 +00:00
admin-footer.php Coding Standards: Simplify a condition in `wp-admin/admin-footer.php`. 2021-06-01 11:30:57 +00:00
admin-functions.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
admin-header.php Editor: Include post's title in editor `title` element. 2021-11-01 22:32:58 +00:00
admin-post.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
admin.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
async-upload.php Media: Improve upload page media item layout on smaller screens. 2021-06-22 04:26:58 +00:00
authorize-application.php App Passwords: Remove placeholder from the app password name input field. 2021-10-01 13:49:00 +00:00
comment.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
credits.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
custom-background.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
custom-header.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
customize.php Customize: Add wp-embed-responsive class to body if using widgets block editor 2021-09-01 07:10:56 +00:00
edit-comments.php Admin/Comments: remove bespoke truncation from search string HTML. 2021-11-02 15:57:59 +00:00
edit-form-advanced.php Editor: Use a consistent way to retrieve post ID on Edit Post screens. 2021-04-09 11:31:09 +00:00
edit-form-blocks.php REST API: Support custom namespaces for custom post types. 2021-10-31 23:16:58 +00:00
edit-form-comment.php Comments: Escape comment author's email in the Edit Comment form. 2021-06-07 18:47:02 +00:00
edit-link-form.php Posts, Post Types: Update the styling of the legacy Links editing screen. 2021-02-16 18:50:03 +00:00
edit-tag-form.php Administration: Consistently escape `admin_url()` links. 2021-06-17 14:37:00 +00:00
edit-tags.php Docs: Correct comment format in `wp-admin/edit-tags.php`, remove extra space. 2021-04-18 14:29:03 +00:00
edit.php General: Fix code quality issues which were identified by static analysis. 2021-09-22 21:01:00 +00:00
erase-personal-data.php Coding Standards: Remove wrapping HTML tags from translatable strings. 2021-07-08 17:07:58 +00:00
export-personal-data.php Coding Standards: Remove wrapping HTML tags from translatable strings. 2021-07-08 17:07:58 +00:00
export.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
freedoms.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
import.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
index.php Help/About: Improve typography in the `Welcome to your WordPress Dashboard!` text. 2021-11-03 03:16:57 +00:00
install-helper.php Docs: Improve documentation for functions in `wp-admin/install-helper.php` per the documentation standards. 2020-05-12 18:40:07 +00:00
install.php Coding Standards: Move some translator comments to the correct place. 2021-03-21 13:13:03 +00:00
link-add.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
link-manager.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
link-parse-opml.php XML-RPC: Explicitly unset the reference to the parser resource after calling `xml_parser_free()` to avoid memory leaks in PHP 7.0.0 or higher. 2020-07-05 15:22:01 +00:00
link.php Coding Standards: Apply some alignment fixes from `composer format`. 2021-07-27 19:01:59 +00:00
load-scripts.php Coding Standards: Fix instances of `Generic.WhiteSpace.ArbitraryParenthesesSpacing.FoundEmpty`. 2020-05-26 09:37:10 +00:00
load-styles.php Block Editor: Load the `WP_Theme_JSON_Resolver` class in `wp-admin/load-styles.php`. 2021-06-01 23:09:58 +00:00
media-new.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
media-upload.php Docs: Add examples of possible names for various hooks whose name contains a dynamic portion. 2021-03-07 12:32:09 +00:00
media.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
menu-header.php Coding Standards: Replace alias PHP functions with the canonical names. 2020-10-18 17:27:06 +00:00
menu.php Themes: Display the number of available theme updates in the admin menu. 2021-05-26 01:17:57 +00:00
moderation.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-admin.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-delete-site.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
ms-edit.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-options.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-sites.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-themes.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-upgrade-network.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-users.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
my-sites.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
nav-menus.php Menus: Save display locations for new menus. 2021-08-30 04:12:57 +00:00
network.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
options-discussion.php Admin/Discussion Settings: attempt to clarify intent of "Default post settings" section. 2021-11-02 16:42:59 +00:00
options-general.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
options-head.php Administration: Replace legacy `updated` message type in `add_settings_error()` calls with `success`. 2019-08-16 00:39:55 +00:00
options-media.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
options-permalink.php Permalinks: Move the Nginx documentation link to help sidebar in `wp-admin/options-permalink.php`. 2021-10-05 23:11:06 +00:00
options-privacy.php Coding Standards: Use static closures when not using `$this`. 2021-08-26 12:59:02 +00:00
options-reading.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
options-writing.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
options.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
plugin-editor.php Admin/UI-Copy: reword some "we" usages. 2021-11-02 17:37:57 +00:00
plugin-install.php Docs: Document some more common names for dynamic hooks and standardise the phrasing used. 2021-09-21 18:21:00 +00:00
plugins.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
post-new.php Coding Standards: Use strict comparison where static strings are involved. 2020-05-16 18:42:12 +00:00
post.php Block Editor: Use a unique name for the nonce of the custom fields toggle form. 2021-02-08 21:39:16 +00:00
press-this.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
privacy-policy-guide.php Coding Standards: Use static closures when not using `$this`. 2021-08-26 12:59:02 +00:00
privacy.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
profile.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
revision.php Coding Standards: Apply some alignment fixes from `composer format`. 2021-07-27 19:01:59 +00:00
setup-config.php Upgrade/Install: Use consistent capitalization for "web host" in setup messages. 2021-08-14 12:06:59 +00:00
site-health-info.php Site Health: Internationalizes count in the info section headings. 2021-11-01 22:36:59 +00:00
site-health.php Site Health: Improve readability of site titles. 2021-06-28 23:07:57 +00:00
term.php Coding Standards: Use strict type check for `in_array()` and `array_search()` where strings are involved. 2020-04-05 03:02:11 +00:00
theme-editor.php Admin/UI-Copy: reword some "we" usages. 2021-11-02 17:37:57 +00:00
theme-install.php Coding Standards: Improve escaping in `wp-admin/theme-install.php`. 2021-10-20 19:18:01 +00:00
themes.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
tools.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
update-core.php Coding Standards: Consistently escape form action URL in `wp-admin/update-core.php`. 2021-10-17 20:31:02 +00:00
update.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
upgrade-functions.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
upgrade.php Coding Standards: Move some translator comments to the correct place. 2021-03-21 13:13:03 +00:00
upload.php Coding Standards: Use strict comparisons in `wp-admin/upload.php`. 2021-08-05 03:37:56 +00:00
user-edit.php Coding Standards: Fix some WPCS errors and warnings in `wp-admin/user-edit.php`: 2021-11-02 20:19:59 +00:00
user-new.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
users.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
widgets-form-blocks.php REST API: Support custom namespaces for custom post types. 2021-10-31 23:16:58 +00:00
widgets-form.php Widgets: Revert [51705]. 2021-09-09 21:40:57 +00:00
widgets.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00