Skip to content

Commit

Permalink
Fix security vulnerability (#788)
Browse files Browse the repository at this point in the history
  • Loading branch information
@SteveChapmanBCDX @ll911
SteveChapmanBCDX authored and ll911 committed Sep 13, 2019
1 parent 60ac049 commit f174f19
Show file tree
Hide file tree
Showing 12 changed files with 29 additions and 29 deletions.
2 changes: 1 addition & 1 deletion ckanext/bcgov/templates/ajax_snippets/api_info.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ <h3>
<p><strong>{{ _('Access resource data via a web API with powerful query support') }}</strong>.
{% trans %}
Further information in the <a
href="http://docs.ckan.org/en/latest/maintaining/datastore.html" target="_blank">main
href="http://docs.ckan.org/en/latest/maintaining/datastore.html" target="_blank" rel="noopener noreferrer">main
CKAN Data API and DataStore documentation</a>.</p>
{% endtrans %}
<div class="accordion" id="accordion2">
Expand Down
20 changes: 10 additions & 10 deletions ckanext/bcgov/templates/footer.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,13 @@ <h2 class="pull-left">Connect With Us</h2>
</div>
<div class="">
<ul class="inline">
<li data-order="0"><a href="https://news.gov.bc.ca/" target="_blank">BC Gov News</a></li>
<li data-order="1"><a href="https://www.facebook.com/BCProvincialGovernment" target="_blank">Facebook</a></li>
<li data-order="2"><a href="https://twitter.com/BCGovNews" target="_blank">Twitter</a></li>
<li data-order="3"><a href="https://www.flickr.com/photos/bcgovphotos/" target="_blank">Photos</a></li>
<li data-order="4"><a href="https://www.youtube.com/user/ProvinceofBC" target="_blank">Videos</a></li>
<li data-order="5"><a href="https://news.gov.bc.ca/newsletters" target="_blank">Newsletters</a></li>
<li data-order="6"><a href="https://news.gov.bc.ca/connect#rss" target="_blank">RSS Feeds</a></li>
<li data-order="0"><a href="https://news.gov.bc.ca/" target="_blank" rel="noopener noreferrer">BC Gov News</a></li>
<li data-order="1"><a href="https://www.facebook.com/BCProvincialGovernment" target="_blank" rel="noopener noreferrer">Facebook</a></li>
<li data-order="2"><a href="https://twitter.com/BCGovNews" target="_blank" rel="noopener noreferrer">Twitter</a></li>
<li data-order="3"><a href="https://www.flickr.com/photos/bcgovphotos/" target="_blank" rel="noopener noreferrer">Photos</a></li>
<li data-order="4"><a href="https://www.youtube.com/user/ProvinceofBC" target="_blank" rel="noopener noreferrer">Videos</a></li>
<li data-order="5"><a href="https://news.gov.bc.ca/newsletters" target="_blank" rel="noopener noreferrer">Newsletters</a></li>
<li data-order="6"><a href="https://news.gov.bc.ca/connect#rss" target="_blank" rel="noopener noreferrer">RSS Feeds</a></li>
</ul>
</div>

Expand Down Expand Up @@ -161,8 +161,8 @@ <h3>About Tracking</h3>
</div>
<div class="modal-body">
<p>This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google").</p>
<p>Google Analytics uses "cookies," which are text files stored on your computer that enable an analysis of your use of the website. Some of the information generated by the cookie about your use of this website may be transmitted to and stored on Google servers outside of Canada. You may refuse the use of cookies by selecting the appropriate settings in your browser; however, please note that if you do so, you may not be able to use the full functionality of this website. Furthermore, you can prevent Google’s collection and use of data generated by the cookie and related to your use of the website by downloading and installing the browser plug-in available at (<a href="http://tools.google.com/dlpage/gaoptout?hl=en" target="_blank">http://tools.google.com/dlpage/gaoptout?hl=en</a>).</p>
<p>This website also specifies that Google Analytics apply IP Address Anonymization <a href="https://support.google.com/analytics/answer/2763052?hl=en" target="_blank">https://support.google.com/analytics/answer/2763052?hl=en</a> so that complete IP addresses are never stored by Google.</p>
<p>You can learn more about Google’s Privacy Policies as they pertain to our partner use from <a href="http://www.google.com/policies/privacy/partners/" target="_blank">http://www.google.com/policies/privacy/partners/</a>.</p>
<p>Google Analytics uses "cookies," which are text files stored on your computer that enable an analysis of your use of the website. Some of the information generated by the cookie about your use of this website may be transmitted to and stored on Google servers outside of Canada. You may refuse the use of cookies by selecting the appropriate settings in your browser; however, please note that if you do so, you may not be able to use the full functionality of this website. Furthermore, you can prevent Google’s collection and use of data generated by the cookie and related to your use of the website by downloading and installing the browser plug-in available at (<a href="http://tools.google.com/dlpage/gaoptout?hl=en" target="_blank" rel="noopener noreferrer">http://tools.google.com/dlpage/gaoptout?hl=en</a>).</p>
<p>This website also specifies that Google Analytics apply IP Address Anonymization <a href="https://support.google.com/analytics/answer/2763052?hl=en" target="_blank" rel="noopener noreferrer">https://support.google.com/analytics/answer/2763052?hl=en</a> so that complete IP addresses are never stored by Google.</p>
<p>You can learn more about Google’s Privacy Policies as they pertain to our partner use from <a href="http://www.google.com/policies/privacy/partners/" target="_blank" rel="noopener noreferrer">http://www.google.com/policies/privacy/partners/</a>.</p>
</div>
</div>
2 changes: 1 addition & 1 deletion ckanext/bcgov/templates/header.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ <h2 class="hidden-xs">
</li>
{% endif %}
<li>
<a href="http://engage.gov.bc.ca/data/feed/" target="_blank">Subscribe to Blog Posts</a><span class="no-trigger visible-xs-block"></span>
<a href="http://engage.gov.bc.ca/data/feed/" target="_blank" rel="noopener noreferrer">Subscribe to Blog Posts</a><span class="no-trigger visible-xs-block"></span>
</li>
</ul>
</div>
Expand Down
2 changes: 1 addition & 1 deletion ckanext/bcgov/templates/package/search.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
<section class="module">
<div class="module-content">
<div id="request-data">
<a href="https://forms.gov.bc.ca/databc-data-request/" target="_blank" class="btn btn-xs btn-primary">Request Data</a>
<a href="https://forms.gov.bc.ca/databc-data-request/" target="_blank" rel="noopener noreferrer" class="btn btn-xs btn-primary">Request Data</a>
<p>Did you not find what you were looking for? Request new data.</p>
</div>
</div>
Expand Down
4 changes: 2 additions & 2 deletions ckanext/bcgov/templates/package/snippets/map_view.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ <h4>Dataset Extent</h4>
</div>
{% if pkg.link_to_imap %}
<div class="imap">
<a href="{{ pkg.link_to_imap }}" target="_blank" class="btn btn-primary"><i class="fa fa-map-marker icon-map-marker"></i> View in iMapBC</a>
<a href="{{ pkg.link_to_imap }}" target="_blank" rel="noopener noreferrer" class="btn btn-primary"><i class="fa fa-map-marker icon-map-marker"></i> View in iMapBC</a>
</div>
{% endif %}
</div>
Expand All @@ -52,7 +52,7 @@ <h4>Dataset Extent</h4>
{% if ((not has_extent) and (pkg.link_to_imap)) %}
<div class="col-md-0">
<div class="imap">
<a href="{{ pkg.link_to_imap }}" target="_blank" class="btn btn-primary"><i class="fa fa-map-marker icon-map-marker"></i> View in iMapBC</a>
<a href="{{ pkg.link_to_imap }}" target="_blank" rel="noopener noreferrer" class="btn btn-primary"><i class="fa fa-map-marker icon-map-marker"></i> View in iMapBC</a>
</div>
</div>
{% endif %}
Expand Down
2 changes: 1 addition & 1 deletion ckanext/bcgov/templates/package/snippets/request_data.html
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<section id="{{ id }}" class="module module-narrow module-shallow">
<h2 class="module-heading">Request Data</h2>
<p class="module-content">Want more data? Request data that you can use to build apps for B.C. citizens. It has never been easier.</p>
<p class="module-content"><a href="https://forms.gov.bc.ca/databc-data-request" title="Request Data" target="_blank">Click here to request data</a></p>
<p class="module-content"><a href="https://forms.gov.bc.ca/databc-data-request" title="Request Data" target="_blank" rel="noopener noreferrer">Click here to request data</a></p>
</section>
4 changes: 2 additions & 2 deletions ckanext/bcgov/templates/package/snippets/resource_item.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,11 +67,11 @@
<i class="fa fa-external-link icon-external-link"></i>
{{ _('Access / Download') }}
{% elif res.has_views %}
<a href="{{ res.url }}" class="resource-url-analytics" target="_blank">
<a href="{{ res.url }}" class="resource-url-analytics" target="_blank" rel="noopener noreferrer">
<i class="fa fa-download icon-download"></i>
{{ _('Download') }}
{% else %}
<a href="{{ res.url }}" class="resource-url-analytics" target="_blank">
<a href="{{ res.url }}" class="resource-url-analytics" target="_blank" rel="noopener noreferrer">
<i class="fa fa-external-link icon-external-link"></i>
{{ _('Access / Download') }}
{% endif %}
Expand Down
2 changes: 1 addition & 1 deletion ckanext/bcgov/templates/package/snippets/resource_view.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
</p>
<p id="data-view-error" class="collapse"></p>
<p>
<a href="{{ raw_resource_url }}" class="btn btn-large resource-url-analytics" target="_blank">
<a href="{{ raw_resource_url }}" class="btn btn-large resource-url-analytics" target="_blank" rel="noopener noreferrer">
<i class="fa fa-lg fa-download icon-large icon-download"></i>
{{ _('Download resource') }}
</a>
Expand Down
2 changes: 1 addition & 1 deletion ckanext/bcgov/templates/package/snippets/rss_feeds.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,6 @@ <h2 class="module-heading"><i class="fa fa-rss icon-medium icon-rss"></i> Subscr
{% if 'edc_disqus' in g.plugins %}
<li class="nav-item"><a href="http://{{ h.disqus_get_forum_name() }}.disqus.com/latest.rss" title="Subscribe to Catalogue Comments"><span>Subscribe to Catalogue Comments</span></a></li>
{% endif %}
<li class="nav-item"><a href="http://blog.data.gov.bc.ca/feed/" title="Subscribe to Blog Posts" target="_blank"><span>Subscribe to Blog Posts</span></a></li>
<li class="nav-item"><a href="http://blog.data.gov.bc.ca/feed/" title="Subscribe to Blog Posts" target="_blank" rel="noopener noreferrer"><span>Subscribe to Blog Posts</span></a></li>
</ul>
</section>
8 changes: 4 additions & 4 deletions ckanext/bcgov/templates/package/snippets/social.html
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
{% set current_url = h.full_current_url() %}
<h2 class="module-heading"><i class="fa fa-share icon-share"></i> Share this resource</h2>
<ul class="unstyled nav nav-simple">
<li class="nav-item"><a href="https://plus.google.com/share?url={{ current_url }}" target="_blank" title="Share this page on Google+"><i class="fa fa-google-plus icon-google-plus-sign"></i> Google+</a></li>
<li class="nav-item"><a href="https://twitter.com/share?url={{ current_url }}" target="_blank" title="Share this page on Twitter"><i class="fa fa-twitter icon-twitter-sign"></i> Twitter</a></li>
<li class="nav-item"><a href="https://www.facebook.com/sharer.php?u={{ current_url }}" target="_blank" title="Share this page on Facebook"><i class="fa fa-facebook-square icon-facebook-sign"></i> Facebook</a></li>
<li class="nav-item"><a href="http://www.linkedin.com/shareArticle?mini=true&url={{ current_url }}" target="_blank" title="Share this page on LinkedIn"><i class="fa fa-linkedin-square icon-linkedin-sign"></i> LinkedIn</a></li>
<li class="nav-item"><a href="https://plus.google.com/share?url={{ current_url }}" target="_blank" rel="noopener noreferrer" title="Share this page on Google+"><i class="fa fa-google-plus icon-google-plus-sign"></i> Google+</a></li>
<li class="nav-item"><a href="https://twitter.com/share?url={{ current_url }}" target="_blank" rel="noopener noreferrer" title="Share this page on Twitter"><i class="fa fa-twitter icon-twitter-sign"></i> Twitter</a></li>
<li class="nav-item"><a href="https://www.facebook.com/sharer.php?u={{ current_url }}" target="_blank" rel="noopener noreferrer" title="Share this page on Facebook"><i class="fa fa-facebook-square icon-facebook-sign"></i> Facebook</a></li>
<li class="nav-item"><a href="http://www.linkedin.com/shareArticle?mini=true&url={{ current_url }}" target="_blank" rel="noopener noreferrer" title="Share this page on LinkedIn"><i class="fa fa-linkedin-square icon-linkedin-sign"></i> LinkedIn</a></li>
</ul>
2 changes: 1 addition & 1 deletion ckanext/bcgov/templates/snippets/main-navigation.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@
{% if 'edc_disqus' in g.plugins %}
<li><a href="http://{{ h.disqus_get_forum_name() }}.disqus.com/latest.rss">Subscribe to Catalogue Comments</a></li>
{% endif %}
<li><a href="https://engage.gov.bc.ca/data/feed/" target="_blank">Subscribe to Blog Posts</a></li>
<li><a href="https://engage.gov.bc.ca/data/feed/" target="_blank" rel="noopener noreferrer">Subscribe to Blog Posts</a></li>
</ul>
</div>
<a href="{{ h.url('/about') }}">About</a>
Expand Down
8 changes: 4 additions & 4 deletions ckanext/bcgov/templates/snippets/social.html
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{% set current_url = h.full_current_url() %}
<ul class="dropdown-menu">
<li><a href="https://plus.google.com/share?url={{ current_url }}" target="_blank" title="Share this page on Google+"><i class="fa fa-google-plus icon-google-plus-sign"></i> Google+</a></li>
<li><a href="https://twitter.com/share?url={{ current_url }}" target="_blank" title="Share this page on Twitter"><i class="fa fa-twitter icon-twitter-sign"></i> Twitter</a></li>
<li><a href="https://www.facebook.com/sharer.php?u={{ current_url }}" target="_blank" title="Share this page on Facebook"><i class="fa fa-facebook-square icon-facebook-sign"></i> Facebook</a></li>
<li><a href="http://www.linkedin.com/shareArticle?mini=true&url={{ current_url }}" target="_blank" title="Share this page on LinkedIn"><i class="fa fa-linkedin-square icon-linkedin-sign"></i> LinkedIn</a></li>
<li><a href="https://plus.google.com/share?url={{ current_url }}" target="_blank" rel="noopener noreferrer" title="Share this page on Google+"><i class="fa fa-google-plus icon-google-plus-sign"></i> Google+</a></li>
<li><a href="https://twitter.com/share?url={{ current_url }}" target="_blank" rel="noopener noreferrer" title="Share this page on Twitter"><i class="fa fa-twitter icon-twitter-sign"></i> Twitter</a></li>
<li><a href="https://www.facebook.com/sharer.php?u={{ current_url }}" target="_blank" rel="noopener noreferrer" title="Share this page on Facebook"><i class="fa fa-facebook-square icon-facebook-sign"></i> Facebook</a></li>
<li><a href="http://www.linkedin.com/shareArticle?mini=true&url={{ current_url }}" target="_blank" rel="noopener noreferrer" title="Share this page on LinkedIn"><i class="fa fa-linkedin-square icon-linkedin-sign"></i> LinkedIn</a></li>
</ul>

0 comments on commit f174f19

Please sign in to comment.