mosaxiv/cakephp-secure-target-blank
Composer 安装命令:
composer require mosaxiv/cakephp-secure-target-blank
包简介
Adds noopener and noreferrer to target _blank in Html Helper.
README 文档
README
If you use the target="_blank" attribute on a link, you are leaving your users open to a very simple phishing attack. Adding rel="noopener noreferrer" on those links will prevent this vulnerability.
Further reading.
Requirements
- PHP 7.0+
- CakePHP 3.0.0+
Installation
You can install this plugin into your CakePHP application using composer.
The recommended way to install composer packages is:
composer require mosaxiv/cakephp-secure-target-blank
Usage
AppView Setup
load Helper
// src/View/AppView.php namespace App\View; use Cake\View\View; use SecureTargetBlank\View\Helper\HtmlHelper; class AppView extends View { public function initialize() { $this->loadHelper('Html', [ 'className' => HtmlHelper::class ]); } }
Helper Usage
Use the Html->link() with [target => "_blank"], rel="noopener noreferrer" will be added.
Basic
Html Helper:
$this->Html->link('test', 'http://example.com', ['target' => '_blank'])
will render this HTML:
'<a href="http://example.com" target="_blank" rel="noopener noreferrer">test</a>'
secureBlank Option
Html Helper:
$this->Html->link('test_title', ['controller' => 'test'], ['target' => '_blank', 'secureBlank' => false]);
will render this HTML:
<a href="/test/index" target="_blank">test_title</a>
统计信息
- 总下载量: 9
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 2
- 点击次数: 2
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2017-12-16