Commit 4a03bbe4 authored by Marin Jankovski's avatar Marin Jankovski

Add nofollow to all internal links.

parent 3910b591
...@@ -233,16 +233,29 @@ module ApplicationHelper ...@@ -233,16 +233,29 @@ module ApplicationHelper
end end
def link_to(name = nil, options = nil, html_options = nil, &block) def link_to(name = nil, options = nil, html_options = nil, &block)
if html_options begin
if html_options[:rel] uri = URI(options)
html_options[:rel] << " noreferrer" host = uri.host
absolute_uri = uri.absolute?
rescue URI::InvalidURIError, ArgumentError
host = nil
absolute_uri = nil
end
# Add "nofollow" only to external links
if host && host != Gitlab.config.gitlab.host && absolute_uri
if html_options
if html_options[:rel]
html_options[:rel] << " nofollow"
else
html_options.merge!(rel: "nofollow")
end
else else
html_options.merge(rel: "noreferrer") html_options = Hash.new
html_options[:rel] = "nofollow"
end end
else
html_options = Hash.new
html_options[:rel] = "noreferrer"
end end
super super
end end
end end
...@@ -195,4 +195,27 @@ describe ApplicationHelper do ...@@ -195,4 +195,27 @@ describe ApplicationHelper do
simple_sanitize(input).should == a_tag simple_sanitize(input).should == a_tag
end end
end end
describe "link_to" do
it "should not include rel=nofollow for internal links" do
expect(link_to("Home", root_path)).to eq("<a href=\"/\">Home</a>")
end
it "should include rel=nofollow for external links" do
expect(link_to("Example", "http://www.example.com")).to eq("<a href=\"http://www.example.com\" rel=\"nofollow\">Example</a>")
end
it "should include re=nofollow for external links and honor existing html_options" do
expect(
link_to("Example", "http://www.example.com", class: "toggle", data: {toggle: "dropdown"})
).to eq("<a class=\"toggle\" data-toggle=\"dropdown\" href=\"http://www.example.com\" rel=\"nofollow\">Example</a>")
end
it "should include rel=nofollow for external links and preserver other rel values" do
expect(
link_to("Example", "http://www.example.com", rel: "noreferrer")
).to eq("<a href=\"http://www.example.com\" rel=\"noreferrer nofollow\">Example</a>")
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment