Author: kkolinko
Date: Sat Feb 16 09:50:24 2019
New Revision: 1853696
URL: http://svn.apache.org/viewvc?rev=1853696&view=rev
Log:
Do not add CSRF nonce parameter and suppress Referer header for external links
in Manager and Host Manager web applications.
Modified:
tomcat/trunk/webapps/manager/WEB-INF/jsp/401.jsp
tomcat/trunk/webapps/manager/WEB-INF/jsp/403.jsp
Modified: tomcat/trunk/webapps/manager/WEB-INF/jsp/401.jsp
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/WEB-INF/jsp/401.jsp?rev=1853696&r1=1853695&r2=1853696&view=diff
==============================================================================
--- tomcat/trunk/webapps/manager/WEB-INF/jsp/401.jsp (original)
+++ tomcat/trunk/webapps/manager/WEB-INF/jsp/401.jsp Sat Feb 16 09:50:24 2019
@@ -73,7 +73,7 @@
</ul>
<p>
For more information - please see the
- <a href="/docs/manager-howto.html">Manager App How-To</a>.
+ <a href="/docs/manager-howto.html" rel="noopener noreferrer">Manager App
How-To</a>.
</p>
</body>
Modified: tomcat/trunk/webapps/manager/WEB-INF/jsp/403.jsp
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/WEB-INF/jsp/403.jsp?rev=1853696&r1=1853695&r2=1853696&view=diff
==============================================================================
--- tomcat/trunk/webapps/manager/WEB-INF/jsp/403.jsp (original)
+++ tomcat/trunk/webapps/manager/WEB-INF/jsp/403.jsp Sat Feb 16 09:50:24 2019
@@ -93,7 +93,7 @@
</ul>
<p>
For more information - please see the
- <a href="/docs/manager-howto.html">Manager App How-To</a>.
+ <a href="/docs/manager-howto.html" rel="noopener noreferrer">Manager App
How-To</a>.
</p>
</body>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
