Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

labCredit cross-origin links unsafe #158

Closed
matbrady opened this issue Sep 11, 2019 · 2 comments · May be fixed by #159
Closed

labCredit cross-origin links unsafe #158

matbrady opened this issue Sep 11, 2019 · 2 comments · May be fixed by #159

Comments

@matbrady
Copy link

matbrady commented Sep 11, 2019
edited
Loading

Problem

Google Lighthouse audits flag the labCredit link as being unsafe. This effects both performance and security. Details can be found here.

Example

The error can be seen on the Boston Globe site.

Screenshot 2019-09-11 10 54 02

Report JSON Export.
Viewable here: https://googlechrome.github.io/lighthouse/viewer/
Lighthouse Report.pdf

Proposed Solution

  1. Update links to use https instead of http
  2. Add rel attribute with a noopener value
matbrady added a commit to matbrady/juxtapose that referenced this issue Sep 11, 2019
@matbrady
fix: cross-origin links unsafe
5840937 
details https://developers.google.com/web/tools/lighthouse/audits/noopener
fix: NUKnightLab/juxtapose/NUKnightLab#158
@matbrady matbrady mentioned this issue Sep 11, 2019
Open
@hoopyfrood
Copy link

+1, this would be a simple and great addition

JoeGermuska added a commit that referenced this issue Sep 3, 2020
@JoeGermuska
address #158: use https and noopener for lab credit link
9aa6357
@JoeGermuska
Copy link
Member

As of now, latest JuxtaposeJS (1.2.2) has been updated to follow this recommendation. Most users will automatically see this update, unless they've gone out of their way to use a specific version of JuxtaposeJS.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Lighthouse audit updates matbrady/juxtapose
3 participants
@JoeGermuska @hoopyfrood @matbrady