Resolve CodeQL alert 3 "Potentially unsafe external link" #6044
Description
Prerequisite
- Be a member of Hack for LA. (There are no fees to join.) If you have not joined yet, please follow the steps on our Getting Started page.
- Before you claim or start working on an issue, please make sure you have read our How to Contribute to Hack for LA Guide.
Overview
We need to resolve the alert "Potentially unsafe external link" which appears in the CodeQL alert 3 by adding the attribute rel="noopener noreferrer"
Action Items
- The following item is required for GitHub to establish tracking between this issue and the alert. No action is required. You may simply check the checkbox. If you do follow the link to learn more about CodeQL alerts, DO NOT DISMISS THE ALERT.
- https://github.com/hackforla/website/security/code-scanning/3
- Open the file
_includes/current-guides.htmlin your IDE - Replace
<h3><a href="{{item.resource-url}}" target="_blank">{{ item.title }}</a></h3>
with
<h3><a href="{{item.resource-url}}" target="_blank" rel="noopener noreferrer">{{ item.title }}</a></h3>
- Using Docker, check the url
/toolkitand check that the page remains the same in mobile, tablet, and desktop views as on the current website (See 2 in the Resources/Instructions section below). Check to make sure that the links "2FA Guide" and "Figma" are still functional.
Merge Team
- When this issue is completed, check off the issue in Epic: Create issues to resolve CodeQL alerts 1- 24, 98 "Potentially unsafe external link" #5129