From 15ed6dd58a001ad50a932145178a81fe65f7067a Mon Sep 17 00:00:00 2001
From: Arnaud Levy <arnaud.levy@noesya.coop>
Date: Thu, 6 Feb 2025 08:40:06 +0100
Subject: [PATCH] Fix https://github.com/osunyorg/theme/issues/496 (#2671)

---
 app/services/static/html.rb | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/app/services/static/html.rb b/app/services/static/html.rb
index 9ee6775c7..7fefdbe4d 100644
--- a/app/services/static/html.rb
+++ b/app/services/static/html.rb
@@ -28,7 +28,7 @@ class Static::Html < Static::Default
     return html unless html.present?
     @doc = Nokogiri::HTML::DocumentFragment.parse(html)
     clean_empty_paragraphs_at_beginning_and_end!
-    add_html_tags_to_external_links!
+    clean_external_links!
     @doc.to_html
   end
 
@@ -49,11 +49,17 @@ class Static::Html < Static::Default
 
   # Each external link needs a <span class="sr-only">(lien externe)</span> in it
   # https://github.com/osunyorg/admin/issues/2151
-  def add_html_tags_to_external_links!
+  # It also needs rel="noreferrer"
+  # https://github.com/osunyorg/theme/issues/667 
+  def clean_external_links!
     hint = I18n.t('html.external_link', locale: locale)
     span = " <span class=\"sr-only\">(#{hint})</span>"
     @doc.css('a[target=_blank]').each do |link|
+      # Add text for screen readers
       link << span
+      # Add noreferrer
+      # https://nokogiri.org/rdoc/Nokogiri/XML/Node.html#method-i-kwattr_add
+      link.kwattr_add('rel', 'noreferrer')
     end
   end
 
-- 
GitLab