Security: Add attribute rel="noopener noreferrer" to links with target=_blank to reduce probability of tabnabbing - refs BT#21289

Author: ywarnier

Diff for: documentation/changelog.html

@@ -98,7 +98,7 @@ <h1>Chamilo&nbsp;Changelog</h1>
 <p><i>Note: Some #wxyz references are issue numbers you can either find
     <a href="https://github.com/chamilo/chamilo-lms/issues">on Github</a> or (for very old ones) on
     <a href="https://support.chamilo.org/projects/chamilo-18/issues"
-       target="_blank">our previous public bug tracking system (in which case
+       target="_blank" rel="noopener noreferrer">our previous public bug tracking system (in which case
     they will be prefixed by the marker "CT")</a>.
     <br />
     Some references marked BT#xyz are developments made externally for BeezNest

Diff for: documentation/credits.html

@@ -764,7 +764,7 @@ <h1>Deprecated developments</h1>
 <a id="association"></a>
 <h1>The Chamilo Association</h1>
 The Chamilo Association is very present inside the organizational structure of the Chamilo community, yet it tries to avoid interfering in the development of the software. It acts as a neutral organization supporting the development of the Chamilo software, and improving its popularity.
-To know more about the Chamilo Association and how to get involve, <a href="https://www.chamilo.org/en/association" target="_blank">&gt; start by reading its presentation &lt;</a>
+To know more about the Chamilo Association and how to get involve, <a href="https://www.chamilo.org/en/association" target="_blank" rel="noopener noreferrer">&gt; start by reading its presentation &lt;</a>
 </div>
 
 <hr />

Diff for: documentation/installation_guide.html

@@ -571,10 +571,10 @@ <h3>LDAP import into sessions</h3>
 <h2><a id="9._WIRIS_mathematical_formulas"></a>7. Mathematical formulas with WIRIS MathType</h2>
 <p>Installing this plugin you get WIRIS MathType. <br/>
 This activation will not be completed unless you have previously downloaded
-    the <a href="https://www.wiris.com/plugins/ckeditor/download" target="_blank">PHP plugin for CKeditor WIRIS</a>
+    the <a href="https://www.wiris.com/plugins/ckeditor/download" target="_blank" rel="noopener noreferrer">PHP plugin for CKeditor WIRIS</a>
     and unzipped its contents into the main/inc/lib/ckeditor/editor/plugins/ckeditor_wiris/ directory.<br/><br />
     This is necessary because Wiris is proprietary software and its services are
-    <a href="https://www.wiris.com/store/who-pays" target="_blank">commercial</a>.
+    <a href="https://www.wiris.com/store/who-pays" target="_blank" rel="noopener noreferrer">commercial</a>.
     To make adjustments to the plugin, edit configuration.ini file or replace his content by
     configuration.ini.default Chamilo file.</p>
 

Diff for: documentation/installation_guide_es_ES.html

@@ -674,8 +674,8 @@ <h3>Importar LDAP en sesiones</h3>
 <h2><a id="9._WIRIS_mathematical_formulas"></a>7. Fórmulas matemáticas con Wiris MathType</h2>
 <p>
   Instalando este plugin obtendrá Wiris MathType.<br />
-  La activación no se realiza completamente si previamente no ha descargado el <a href="https://www.wiris.com/plugins/ckeditor/download" target="_blank">plugin PHP para CKeditor de WIRIS</a> y descomprimido su contenido en el directorio de Chamilo /main/inc/lib/javascript/ckeditor/plugins/ckeditor_wiris.<br /><br />
-  Esto es necesario debido a que WIRIS es un software propietario y los servicios de WIRIS son <a href="https://www.wiris.com/store/who-pays" target="_blank">comerciales</a>. Para realizar ajustes en el plugin edite el archivo configuration.ini o sustituya su contenido por el de configuration.ini.default que acompaña a Chamilo.
+  La activación no se realiza completamente si previamente no ha descargado el <a href="https://www.wiris.com/plugins/ckeditor/download" target="_blank" rel="noopener noreferrer">plugin PHP para CKeditor de WIRIS</a> y descomprimido su contenido en el directorio de Chamilo /main/inc/lib/javascript/ckeditor/plugins/ckeditor_wiris.<br /><br />
+  Esto es necesario debido a que WIRIS es un software propietario y los servicios de WIRIS son <a href="https://www.wiris.com/store/who-pays" target="_blank" rel="noopener noreferrer">comerciales</a>. Para realizar ajustes en el plugin edite el archivo configuration.ini o sustituya su contenido por el de configuration.ini.default que acompaña a Chamilo.
 </p>
 <hr style="width: 100%; height: 2px;" />
 

Diff for: documentation/installation_guide_fr_FR.html

@@ -634,8 +634,8 @@ <h3>LDAP import into sessions</h3>
             <h2><a id="9._WIRIS_mathematical_formulas"></a>7. Formules mathématiques avec Wiris MathType</h2>
             <p>
                 En installant ce plugin, vous intégrez Wiris MathType.<br />
-                Cette activation ne sera pas complète à moins que vous n'ayez d'abord téléchargé le plugin <a href="https://www.wiris.com/plugins/ckeditor/download" target="_blank">PHP pour CKeditor WIRIS</a> et l'ayez décompressé dans main/inc/lib/javascript/ckeditor/plugins/ckeditor_wiris.<br /><br />
-                Cette étape est nécessaire parce que WIRIS est un logiciel propriétaire et ses services sont de type <a href="https://www.wiris.com/store/who-pays" target="_blank">commerciaux</a>. Pour faire des modifications au plugin , éditez le fichier configuration.ini ou remplacez son contenu par le fichier configuration.ini.default de Chamilo.
+                Cette activation ne sera pas complète à moins que vous n'ayez d'abord téléchargé le plugin <a href="https://www.wiris.com/plugins/ckeditor/download" target="_blank" rel="noopener noreferrer">PHP pour CKeditor WIRIS</a> et l'ayez décompressé dans main/inc/lib/javascript/ckeditor/plugins/ckeditor_wiris.<br /><br />
+                Cette étape est nécessaire parce que WIRIS est un logiciel propriétaire et ses services sont de type <a href="https://www.wiris.com/store/who-pays" target="_blank" rel="noopener noreferrer">commerciaux</a>. Pour faire des modifications au plugin , éditez le fichier configuration.ini ou remplacez son contenu par le fichier configuration.ini.default de Chamilo.
 
             </p>
             <hr style="width: 100%; height: 2px;" />

Diff for: documentation/installation_guide_it_IT.html

@@ -495,10 +495,10 @@ <h1>Guida di installazione di Chamilo LMS 1.9</h1>
   <li class="li6"><span class="s1">9. Formule matematiche con Wiris MathType</span></li>
 </ol>
 <p>
-  Installare il plugin <a href="https://www.wiris.com/plugins/ckeditor/download" target="_blank">PHP plugin for CKeditor WIRIS</a>, decompattarlo nella cartella /main/inc/lib/javascript/ckeditor/plugins/ckeditor_wiris.
+  Installare il plugin <a href="https://www.wiris.com/plugins/ckeditor/download" target="_blank" rel="noopener noreferrer">PHP plugin for CKeditor WIRIS</a>, decompattarlo nella cartella /main/inc/lib/javascript/ckeditor/plugins/ckeditor_wiris.
   A seguito dell’installazione si ottiene un editor Wiris MathType.
   Si segnala che WIRIS è un software proprietario ed i suoi servizi sono servizi
-  <a href="https://www.wiris.com/store/who-pays" target="_blank">commerciali</a>.
+  <a href="https://www.wiris.com/store/who-pays" target="_blank" rel="noopener noreferrer">commerciali</a>.
   Per qualsiasi modifica o configurazione ulteriore del plugin modificare il file configuration.ini o sostituirlo con il file configuration.ini di default di Chamilo.
 
 </p>

Diff for: documentation/security.html

@@ -56,7 +56,7 @@ <h2><a id="3.Using-safe-browsers"></a>3. Using safe browsers</h2>
     security of your computer and the data it contains, but you can also put others in danger by letting crackers take
     control of it and attacking others.</p>
 <p>To  avoid being a risk to yourself and others, you should download and install a recent browser. We recommend
-    <a href="https://www.getfirefox.com" target="_blank">the latest stable version of Firefox</a>.</p>
+    <a href="https://www.getfirefox.com" target="_blank" rel="noopener noreferrer">the latest stable version of Firefox</a>.</p>
 
 <h2><a id="4.Moving-config-file"></a>4. Moving your configuration file out of the web directory</h2>
 <p>It is considered unsafe to leave the configuration file inside the app/config/ directory, as it will be directly