[4.0] Add target _blank to display icon link as external (joomla#34760)

* Add target _blank * Add noopener noreferrer * Add noopener noreferrer * add rel=\"noopener noreferrer\" to plg_twofactorauth_totp.ini (#3) Because discussing about it takes more time than fixing it. ;-) Co-authored-by: Hans Kuijpers <info@hkweb.nl>
Bakual · Jul 12, 2021 · 9211583 · 9211583
1 parent 132a250
commit 9211583
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/administrator/language/en-GB/com_admin.ini b/administrator/language/en-GB/com_admin.ini
@@ -139,7 +139,7 @@ COM_ADMIN_POST_MAX_SIZE="Post Max Size"
 COM_ADMIN_POSTINSTALL_MSG_BEHIND_LOAD_BALANCER_ACTION="Enable Behind Load Balancer Setting"
 COM_ADMIN_POSTINSTALL_MSG_BEHIND_LOAD_BALANCER_DESCRIPTION="<p>For Joomla sites hosted behind Load Balancers and Reverse Proxies a new Global Configuration setting has been introduced with Joomla 3.9.26</p><p>This setting, when enabled, will allow your Load Balancer/Reverse Proxy to provide the real IP address of your visitors. This IP will then be used in your Action Logs and used for tracking voting on articles (if these features are enabled).</p><p><strong>Only sites behind a Load Balancer/Reverse Proxy will wish to enable this feature.</strong></p>"
 COM_ADMIN_POSTINSTALL_MSG_BEHIND_LOAD_BALANCER_TITLE="New Server Setting \"Behind Load Balancer\""
-COM_ADMIN_POSTINSTALL_MSG_FLOC_BLOCKER_DESCRIPTION="<p>A new technology is currently being rolled out to browsers to replace third party tracking cookies. This technology is named Federated Learning of Cohorts (FLoC) and you can read more about it at the <a href=\"https://wicg.github.io/floc/\">Web Platform Incubator Community Group</a> and at the <a href=\"https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea\">Electronic Frontier Foundation</a>. Starting with Joomla! 3.9.27 your website blocks this technology, you can re-allow it from the Global Configuration. Additionally to disable this technology for all requests to your server, you have to update your .htaccess.</p>"
+COM_ADMIN_POSTINSTALL_MSG_FLOC_BLOCKER_DESCRIPTION="<p>A new technology is currently being rolled out to browsers to replace third party tracking cookies. This technology is named Federated Learning of Cohorts (FLoC) and you can read more about it at the <a href=\"https://wicg.github.io/floc/\" target=\"_blank\" rel=\"noopener noreferrer\">Web Platform Incubator Community Group</a> and at the <a href=\"https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea\" target=\"_blank\" rel=\"noopener noreferrer\">Electronic Frontier Foundation</a>. Starting with Joomla! 3.9.27 your website blocks this technology, you can re-allow it from the Global Configuration. Additionally to disable this technology for all requests to your server, you have to update your .htaccess.</p>"
 COM_ADMIN_POSTINSTALL_MSG_FLOC_BLOCKER_TITLE="Block Federated Learning of Cohorts (FLoC)"
 COM_ADMIN_POSTINSTALL_MSG_HTACCESS_AUTOINDEX_DESCRIPTION="<p>Before 3.9.22 the default htaccess.txt file contained erroneous code meant for disabling directory listings. The security team recommends to manually apply the necessary changes to any existing .htaccess file, as this file can not be updated automatically.</p><p>The old code:</p><pre>&lt;IfModule autoindex&gt;\n  IndexIgnore *\n&lt;/IfModule&gt;</pre><p>The new code:</p><pre>&lt;IfModule mod_autoindex.c&gt;\n  IndexIgnore *\n&lt;/IfModule&gt;</pre>"
 COM_ADMIN_POSTINSTALL_MSG_HTACCESS_AUTOINDEX_TITLE=".htaccess Update Concerning Directory Listings"

diff --git a/administrator/language/en-GB/com_cpanel.ini b/administrator/language/en-GB/com_cpanel.ini
@@ -24,13 +24,13 @@ COM_CPANEL_MSG_LANGUAGEACCESS340_BODY="Since Joomla! 3.4.0 you may have issues w
 COM_CPANEL_MSG_LANGUAGEACCESS340_TITLE="You have possible issues with your multilingual settings"
 COM_CPANEL_MSG_ROBOTS_BODY="A change to the default robots.txt files was made in Joomla! 3.3 to allow Google to access templates and media files by default to improve SEO. This change is not applied automatically on upgrades and users are recommended to review the changes in the robots.txt.dist file and implement these changes in their own robots.txt file."
 COM_CPANEL_MSG_ROBOTS_TITLE="robots.txt Update"
-COM_CPANEL_MSG_STATS_COLLECTION_BODY="<p>Since Joomla! 3.5 a statistics plugin will submit anonymous data to the Joomla Project. This will only submit the Joomla version, PHP version, database engine and version, and server operating system.</p><p>This data is collected to ensure that future versions of Joomla can take advantage of the latest database and PHP features without affecting significant numbers of users. The need for this became clear when a minimum of PHP 5.3.10 was required when Joomla! 3.3 implemented the more secure Bcrypt passwords.</p><p>In the interest of full transparency and to help developers <a href=\"https://developer.joomla.org/about/stats.html\">this data is publicly available.</a> An API and graphs will show the Joomla version, PHP versions and database engines in use.</p><p>If you do not wish to provide the Joomla Project with this information you can disable the plugin called System - Joomla Statistics.</p>"
+COM_CPANEL_MSG_STATS_COLLECTION_BODY="<p>Since Joomla! 3.5 a statistics plugin will submit anonymous data to the Joomla Project. This will only submit the Joomla version, PHP version, database engine and version, and server operating system.</p><p>This data is collected to ensure that future versions of Joomla can take advantage of the latest database and PHP features without affecting significant numbers of users. The need for this became clear when a minimum of PHP 5.3.10 was required when Joomla! 3.3 implemented the more secure Bcrypt passwords.</p><p>In the interest of full transparency and to help developers <a href=\"https://developer.joomla.org/about/stats.html\" target=\"_blank\" rel=\"noopener noreferrer\">this data is publicly available.</a> An API and graphs will show the Joomla version, PHP versions and database engines in use.</p><p>If you do not wish to provide the Joomla Project with this information you can disable the plugin called System - Joomla Statistics.</p>"
 COM_CPANEL_MSG_STATS_COLLECTION_TITLE="Stats Collection in Joomla"
 COM_CPANEL_MSG_TEXTFILTER3919_BODY="<p>As part of our security team's review, we have made some changes to the default settings for the global text filters in a new Joomla installation. The default setting for the 'Public', 'Guest' and 'Registered' groups is now 'No HTML'. As these changes are only applied to new installations, we strongly recommend that you review these changes and update your site from: System &rarr; Global Configuration &rarr; Text Filters</p>"
 COM_CPANEL_MSG_TEXTFILTER3919_TITLE="Updated Text Filter Recommendations"
 COM_CPANEL_TITLE_SYSTEM_PANEL="System Panel"
 COM_CPANEL_UNPUBLISH_MODULE_ERROR="Error unpublishing the module"
 COM_CPANEL_UNPUBLISH_MODULE_SUCCESS="Module unpublished"
-COM_CPANEL_WELCOME_BEGINNERS_MESSAGE="<p>Community resources are available for new users.</p><ul><li><a href=\"https://docs.joomla.org/Special:MyLanguage/Portal:Beginners\">Joomla! Beginners Guide</a></li><li><a href=\"https://forum.joomla.org/viewforum.php?f=808\">New to Joomla! Forum</a></li></ul>"
+COM_CPANEL_WELCOME_BEGINNERS_MESSAGE="<p>Community resources are available for new users.</p><ul><li><a href=\"https://docs.joomla.org/Special:MyLanguage/Portal:Beginners\" target=\"_blank\" rel=\"noopener noreferrer\">Joomla! Beginners Guide</a></li><li><a href=\"https://forum.joomla.org/viewforum.php?f=808\" target=\"_blank\" rel=\"noopener noreferrer\">New to Joomla! Forum</a></li></ul>"
 COM_CPANEL_WELCOME_BEGINNERS_TITLE="Welcome to Joomla!"
 COM_CPANEL_XML_DESCRIPTION="Home Dashboard component"
diff --git a/administrator/language/en-GB/plg_twofactorauth_totp.ini b/administrator/language/en-GB/plg_twofactorauth_totp.ini
@@ -8,7 +8,7 @@ PLG_TWOFACTORAUTH_TOTP_ERR_VALIDATIONFAILED="You did not enter a valid security
 PLG_TWOFACTORAUTH_TOTP_INTRO="This feature allows you to use Google Authenticator, or a compatible application such as FreeOTP, for two factor authentication. In addition to your username and password you will also need to provide a six digit security code to be able to login to this site. The security code is rotated every 30 seconds. This provides extra protection against hackers logging in to your account even if they were able to get hold of your password."
 PLG_TWOFACTORAUTH_TOTP_METHOD_TITLE="Google Authenticator"
 PLG_TWOFACTORAUTH_TOTP_POSTINSTALL_ACTION="Enable two factor authentication"
-PLG_TWOFACTORAUTH_TOTP_POSTINSTALL_BODY="<p>Joomla! comes with a built-in two factor authentication system. It secures your site login with a secondary secret code that's changing every 30 seconds. You can use your mobile device and the <a href=\"https://en.wikipedia.org/wiki/Google_Authenticator\" target=\"_blank\">Google Authenticator</a> app to produce that code.</p><p>By selecting the button below:</p><ul><li>Joomla! will enable the two factor authentication plugins</li><li>Two Factor Authentication is going to be available for all users.</li><li>Each user can configure Two Factor Authentication in User Details.</li><li>You can always disable Two Factor Authentication plugin, or configure it for Backend usage only.</li><li>You will be taken to your user profile page where you can find more information on two factor authentication and enable it for your user account.</li></ul>"
+PLG_TWOFACTORAUTH_TOTP_POSTINSTALL_BODY="<p>Joomla! comes with a built-in two factor authentication system. It secures your site login with a secondary secret code that's changing every 30 seconds. You can use your mobile device and the <a href=\"https://en.wikipedia.org/wiki/Google_Authenticator\" target=\"_blank\" rel=\"noopener noreferrer\">Google Authenticator</a> app to produce that code.</p><p>By selecting the button below:</p><ul><li>Joomla! will enable the two factor authentication plugins</li><li>Two Factor Authentication is going to be available for all users.</li><li>Each user can configure Two Factor Authentication in User Details.</li><li>You can always disable Two Factor Authentication plugin, or configure it for Backend usage only.</li><li>You will be taken to your user profile page where you can find more information on two factor authentication and enable it for your user account.</li></ul>"
 PLG_TWOFACTORAUTH_TOTP_POSTINSTALL_TITLE="Two Factor Authentication is Available"
 PLG_TWOFACTORAUTH_TOTP_SECTION_ADMIN="Administrator (Backend)"
 PLG_TWOFACTORAUTH_TOTP_SECTION_BOTH="Both"
@@ -21,7 +21,7 @@ PLG_TWOFACTORAUTH_TOTP_STEP1_ITEM1_LINK="https://support.google.com/accounts/bin
 PLG_TWOFACTORAUTH_TOTP_STEP1_ITEM2="Compatible clients for other devices and operating system (listed in Wikipedia)."
 ; Change and check this link if there is a translation in your language available. (current: German, Spanish, French, Japanese, Polish)
 PLG_TWOFACTORAUTH_TOTP_STEP1_ITEM2_LINK="https://en.wikipedia.org/wiki/Google_Authenticator#Implementation"
-PLG_TWOFACTORAUTH_TOTP_STEP1_TEXT="Download and install <a href=\"https://en.wikipedia.org/wiki/Google_Authenticator\" target=\"_blank\">Google Authenticator</a>, or a compatible application such as <a href=\"https://freeotp.github.io/\" target=\"_blank\">FreeOTP</a>, on your smartphone or desktop. Use one of the following:"
+PLG_TWOFACTORAUTH_TOTP_STEP1_TEXT="Download and install <a href=\"https://en.wikipedia.org/wiki/Google_Authenticator\" target=\"_blank\" rel=\"noopener noreferrer\">Google Authenticator</a>, or a compatible application such as <a href=\"https://freeotp.github.io/\" target=\"_blank\">FreeOTP</a>, on your smartphone or desktop. Use one of the following:"
 PLG_TWOFACTORAUTH_TOTP_STEP1_WARN="Please remember to sync your device's clock with a time-server. Time drift in your device may cause an inability to log in to your site."
 PLG_TWOFACTORAUTH_TOTP_STEP2_ACCOUNT="Account"
 PLG_TWOFACTORAUTH_TOTP_STEP2_ALTTEXT="Alternatively, you can scan the following QR code in Google Authenticator."
@@ -32,4 +32,4 @@ PLG_TWOFACTORAUTH_TOTP_STEP2_TEXT="You will need to enter the following informat
 PLG_TWOFACTORAUTH_TOTP_STEP3_HEAD="Step 3 - Activate Two Factor Authentication"
 PLG_TWOFACTORAUTH_TOTP_STEP3_SECURITYCODE="Security Code"
 PLG_TWOFACTORAUTH_TOTP_STEP3_TEXT="To verify that everything is set up properly, please enter the security code displayed in Google Authenticator in the field below. Afterwards, please save your user profile. If the code is correct, the Two Factor Authentication feature will be enabled."
-PLG_TWOFACTORAUTH_TOTP_XML_DESCRIPTION="Allows users on your site to use two factor authentication using <a href=\"https://en.wikipedia.org/wiki/Google_Authenticator\" target=\"_blank\">Google Authenticator</a> or other compatible time-based One Time Password generators such as <a href=\"https://freeotp.github.io/\" target=\"_blank\">FreeOTP</a>. To use two factor authentication please edit the user profile and enable two factor authentication."
+PLG_TWOFACTORAUTH_TOTP_XML_DESCRIPTION="Allows users on your site to use two factor authentication using <a href=\"https://en.wikipedia.org/wiki/Google_Authenticator\" target=\"_blank\" rel=\"noopener noreferrer\">Google Authenticator</a> or other compatible time-based One Time Password generators such as <a href=\"https://freeotp.github.io/\" target=\"_blank\" rel=\"noopener noreferrer\">FreeOTP</a>. To use two factor authentication please edit the user profile and enable two factor authentication."