Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolve CodeQL alert 98 "Potentially unsafe external link" #6309

Closed
4 of 7 tasks
Tracked by #5129
t-will-gillis opened this issue Feb 17, 2024 · 2 comments · Fixed by #6566
Closed
4 of 7 tasks
Tracked by #5129

Resolve CodeQL alert 98 "Potentially unsafe external link" #6309

t-will-gillis opened this issue Feb 17, 2024 · 2 comments · Fixed by #6566
Assignees
@nelsonuprety1
Labels
Feature: Code Alerts good first issue Good for newcomers P-Feature: Communities of Practice https://www.hackforla.org/communities-of-practice role: back end/devOps Tasks for back-end developers size: 0.25pt Can be done in 0.5 to 1.5 hours
Milestone
02. Security

Comments

@t-will-gillis
Copy link
Member

t-will-gillis commented Feb 17, 2024
edited by nelsonuprety1
Loading

Prerequisite

  1. Be a member of Hack for LA. (There are no fees to join.) If you have not joined yet, please follow the steps on our Getting Started page.
  2. Before you claim or start working on an issue, please make sure you have read our How to Contribute to Hack for LA Guide.

Overview

We need to resolve the alert "Potentially unsafe external link" which appears in the CodeQL alert 98 by moving the attribute rel="noopener noreferrer" from the <img> tag to the <a> tag.

Action Items

  • The following item is required for GitHub to establish tracking between this issue and the alert. No action is required. You may simply check the checkbox. If you do follow the link to learn more about CodeQL alerts, DO NOT DISMISS THE ALERT.
  • https://github.com/hackforla/website/security/code-scanning/98
  • Open the file pages/communities-of-practice.html in your IDE
  • On line 50, replace:
<a href='{{ leader.links.github }}' target='_blank' title='GitHub Profile'><img class='leader-img--communities' src='{{ leader.picture }}' rel='noopener noreferrer'/></a>

with

<a href='{{ leader.links.github }}' target='_blank' title='GitHub Profile' rel='noopener noreferrer' ><img class='leader-img--communities' src='{{ leader.picture }}' /></a>
  • The scope of this issue is only for the code identified in CodeQL alert 98.
  • Using Docker, check the page remains the same in mobile, tablet, and desktop views as on the current website (See 2 in the Resources/Instructions section below)

Merge Team

Resources/Instructions

  1. GitHub CodeQL documentation
  2. Webpage: https://www.hackforla.org/communities-of-practice
  3. This issue is a correction of Resolve CodeQL alert 20 "Potentially unsafe external link" #6054, and is a part of Epic: Create issues to resolve CodeQL alerts 1- 24, 98 "Potentially unsafe external link" #5129
@t-will-gillis t-will-gillis added good first issue Good for newcomers role: back end/devOps Tasks for back-end developers P-Feature: Communities of Practice https://www.hackforla.org/communities-of-practice Ready for Prioritization size: 0.25pt Can be done in 0.5 to 1.5 hours Feature: Code Alerts labels Feb 17, 2024
@t-will-gillis t-will-gillis added this to the 02. Security milestone Feb 17, 2024
@t-will-gillis t-will-gillis mentioned this issue Feb 17, 2024
Open
29 tasks
@Ayrh1 Ayrh1 self-assigned this Mar 14, 2024
@hackforla hackforla deleted a comment from github-actions bot Mar 14, 2024
@Ayrh1 Ayrh1 removed their assignment Mar 14, 2024
@nelsonuprety1 nelsonuprety1 self-assigned this Apr 4, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 4, 2024

Hi @nelsonuprety1, thank you for taking up this issue! Hfla appreciates you :)

Do let fellow developers know about your:-
i. Availability: (When are you available to work on the issue/answer questions other programmers might have about your issue?)
ii. ETA: (When do you expect this issue to be completed?)

You're awesome!

P.S. - You may not take up another issue until this issue gets merged (or closed). Thanks again :)

@nelsonuprety1 nelsonuprety1 mentioned this issue Apr 4, 2024
Merged
@nelsonuprety1
Copy link
Member

Please check #6566 . Thank You.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nelsonuprety1 nelsonuprety1

Labels
Feature: Code Alerts good first issue Good for newcomers P-Feature: Communities of Practice https://www.hackforla.org/communities-of-practice role: back end/devOps Tasks for back-end developers size: 0.25pt Can be done in 0.5 to 1.5 hours
Projects
P: HfLA Website: Project Board
Archived in project
Milestone
02. Security
Development

Successfully merging a pull request may close this issue.

Resolved codeql alert 98 nelsonuprety1/website
5 participants
@roslynwythe @nelsonuprety1 @ExperimentsInHonesty @t-will-gillis @Ayrh1