fix: added security attributes to external links

shwetd19 · web-flow · commit dc48baf045b9 · 2025-02-06T15:05:34.000+05:30
- Added rel="noopener noreferrer" to video configuration link
- Prevented potential tab nabbing attacks
diff --git a/src/pretix/eventyay_common/templates/eventyay_common/event/fragment_dashboard.html b/src/pretix/eventyay_common/templates/eventyay_common/event/fragment_dashboard.html
@@ -61,7 +61,7 @@ <h3 class="panel-title">
             </p>
             {% if is_video_enabled %}
                 <p>
-                    {% trans "Go to" %} <a href="{% url 'eventyay_common:event.create_access_to_video' organizer=request.organizer.slug event=request.event.slug %}" target="_blank">{% trans "Video Configuration" %}</a>
+                    {% trans "Go to" %} <a href="{% url 'eventyay_common:event.create_access_to_video' organizer=request.organizer.slug event=request.event.slug %}" target="_blank" rel="noopener noreferrer">{% trans "Video Configuration" %}</a>
                 </p>
             {% else %}
                 <p>
