commit | 5edb5a93061c36e183899415beaf0dab2495b984 | [log] [tgz] |
---|---|---|
author | Hong Teoh <liangtl@amazon.com> | Wed Jun 05 16:15:44 2024 +0000 |
committer | Hong Teoh <liangtl@amazon.com> | Thu Jun 06 12:45:33 2024 +0000 |
tree | e6402ae26a37348fdb636e989e93ce903b955a14 | |
parent | 56d4f7270c907f9a2522cb1aa3a51be80de1733c [diff] |
[FLINK-35532][Runtime/Web Frontend] Prevent Cross-Site Authentication (XSA) attacks on Flink dashboard
diff --git a/flink-runtime-web/web-dashboard/src/app/pages/job-manager/profiler/job-manager-profiler.component.html b/flink-runtime-web/web-dashboard/src/app/pages/job-manager/profiler/job-manager-profiler.component.html index 16429b4..5df8c46 100644 --- a/flink-runtime-web/web-dashboard/src/app/pages/job-manager/profiler/job-manager-profiler.component.html +++ b/flink-runtime-web/web-dashboard/src/app/pages/job-manager/profiler/job-manager-profiler.component.html
@@ -107,7 +107,11 @@ <ng-template #titleTemplate> <span> Please refer to - <a href="https://github.com/async-profiler/async-profiler/wiki"> + <a + href="https://github.com/async-profiler/async-profiler/wiki" + target="_blank" + rel="noopener noreferrer" + > async-profiler's wiki </a> for more detailed info of this feature.
diff --git a/flink-runtime-web/web-dashboard/src/app/pages/task-manager/profiler/task-manager-profiler.component.html b/flink-runtime-web/web-dashboard/src/app/pages/task-manager/profiler/task-manager-profiler.component.html index 405f281..e9cef22 100644 --- a/flink-runtime-web/web-dashboard/src/app/pages/task-manager/profiler/task-manager-profiler.component.html +++ b/flink-runtime-web/web-dashboard/src/app/pages/task-manager/profiler/task-manager-profiler.component.html
@@ -107,7 +107,11 @@ <ng-template #titleTemplate> <span> Please refer to - <a href="https://github.com/async-profiler/async-profiler/wiki"> + <a + href="https://github.com/async-profiler/async-profiler/wiki" + target="_blank" + rel="noopener noreferrer" + > async-profiler's wiki </a> for more detailed info of this feature.