Mercurial > p > roundup > code
view scripts/roundup.rc-debian @ 5684:97e2125e064c
When we generate links from URL's in messages, we add rel="nofollow"
to combat link spam. This change turns that into rel="nofollow
noopener". This prevents the page at the end of the link from having
access to the roundup window that displays the link.
Details on the issue are are at:
https://mathiasbynens.github.io/rel-noopener/
search web for noopener vulnerability. This problem usually requires a
target="_blank" to really exploit it and we don't provide that. But
adding noopener is extra protection.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 30 Mar 2019 21:15:33 -0400 |
| parents | 6e3e4f24c753 |
| children |
line wrap: on
line source
#!/bin/sh -e # # roundup Startup script for the roundup http server. DESC='Roundup HTTP-Server' BINFILE=roundup-server EXECUTABLE=/usr/local/bin/$BINFILE PIDFILE=/var/run/roundup/server.pid LOGFILE=/var/log/roundup/roundup.log TRACKERS=tttech=/tttech/org/software/roundup/tttech/ OPTIONS="-- -p 8080 -u roundup -d $PIDFILE -l $LOGFILE $TRACKERS" test -x $EXECUTABLE || exit 0 start_stop() { case "$1" in start) printf "Starting $DESC:" start-stop-daemon --start --oknodo --quiet \ --pidfile $PIDFILE \ --exec $EXECUTABLE $OPTIONS printf " $BINFILE" printf ".\n" ;; stop) printf "Stopping $DESC:" start-stop-daemon --stop --oknodo --quiet \ --pidfile $PIDFILE \ --exec $EXECUTABLE $OPTIONS printf " $BINFILE" printf ".\n" ;; restart | force-reload) start_stop stop sleep 1 start_stop start ;; *) printf "Usage: $0 {start|stop|restart|force-reload}\n" >&2 exit 1 ;; esac } start_stop "$@" exit 0