fix: cherry pick security issue fixes (#1432)

* fix: potential "Potentially unsafe external link" of TOS and EMail Links * fix: "Size computation for allocation may overflow" by limiting aes encrypt to 64MB
2025-10-27 08:19:19 +00:00 · 2021-03-19 09:10:50 +01:00
parent bc7e650089
commit b01f277e4b
5 changed files with 8 additions and 4 deletions
--- a/internal/ui/login/static/templates/footer.html
+++ b/internal/ui/login/static/templates/footer.html
@@ -1,7 +1,7 @@
 {{define "footer"}}
 <footer>
    <span class="fill-space"></span>
-    <a href="{{t "Footer.TosLink"}}" target="_blank" alt="Privacy Policy">{{t "Footer.TosPrivacyPolicy"}}</a>
+    <a href="{{t "Footer.TosLink"}}" rel="noopener noreferrer" target="_blank" alt="Privacy Policy">{{t "Footer.TosPrivacyPolicy"}}</a>
    <a href="https://docs.zitadel.ch/use" target="_black" alt="Help">{{t "Footer.Help"}}</a>
 </footer>
 {{end}}