Viewing 14 posts - 1 through 14 (of 14 total)
  • Author
    Posts
  • #1139222

    Running a Google Lighthouse report on sites made with Enfold, flags certain unsafe practises with some ALB theme elements. I have not tried this with all theme elements, but I’m guessing it’s probably a wider-scale issue than just the Testimonial element, but using that as an example. It’s also an issue in the social icon links that can be added in Enfold settings and displayed in header/footer. Please check all elements! This also has performance implications.

    Ok, here’s the issue as described by Google:

    https://developers.google.com/web/tools/lighthouse/audits/noopener?utm_source=lighthouse&utm_medium=devtools

    The links coming from the testimonial element are missing the “rel=…..” part, it’s just straight “target=”_blank”. You can see it on your own demo site https://kriesi.at/themes/enfold-2017/elements/testimonials/ if you run a Google Lighthouse audit on it.

    Can this please be addressed in a future update soon? WordPress has fixed this in its own widgets etc for some time now.

    Cheers,

    Tim

    • This topic was modified 5 years, 2 months ago by THP Studio.
    #1139850

    Hey THP,

    Thanks for pointing out this problem.

    I opened an issue for that in our dev repo and we will address this asap.

    Best regards,
    Günter

    #1140054

    Hey Gunter,

    Excellent, thanks for following this up, I hope it can be somewhat of a priority. Also just to reiterate, please do check all parts of the theme, as the ones I mentioned were just examples, but I’m sure every element thanks links out probably has the same issue.

    Cheers

    Tim

    #1140057

    Also Gunter, I know I’ve asked this many times (and many others have too), but is it possible to get a roadmap of Enfold updates coming up? It would really help as developers to know what to expect, when to plan for update cycles, what bugs we know you are prioritising etc.

    #1141025

    Hi,

    I added the rel=’noopener noreferrer’ for the next update – to all ‘_blank’ targets that have a cross domain:
    – ALB elements
    – wp menu walker
    – and I checked other files for _blank

    Hope I did not miss any. If you want to test I uploaded a beta version including all fixes since 4.6.2 and this feature.

    roadmap ……

    I forwarded this to Kriesi.

    As a first step we will create a sticky post in the forum where we will add all fixes in our merge queue and oncoming fixes.

    Best regards,
    Günter

    #1141032

    can you send me the link please Günter?
    Thanks

    #1141033

    Hi,


    @Guenni007

    Can you open an own thread and ask for enfold-4.6.2.1-beta-mailchimp.zip please so I can give you the password please.

    Best regards,
    Günter

    #1141106

    Hi Gunter,

    That is brilliant, thank you VERY much for following this up quickly and thoroughly. I don’t have time to beta test at the moment unfortunately but as soon as you release it as a stable update I will update and test it out.

    And as for the roadmap, again a big thank you for doing something about it. I took a look at the new sticky, and it is great to see. I think it may result in fewer support requests for you as well, as for instance I see in the new sticky another issue that I had noticed is already being addressed.

    Thanks again

    Tim

    #1141628

    Hi,

    Thank you for the grat feedback – we appreciate it a lot!

    Best regards,
    Basilis

    #1232385

    Hi Gunter,

    I have just updated to the latest version 4.7.6 and was checking a few things out.

    Noticed that the testimonials ALB element outgoing links are missing rel=’noopener noreferrer’ – not sure if this was ever added (I think it was?) or for some reason it was stripped out in the latest update, but can you please take a look?

    Regards

    Tim

    #1232605

    Hi,

    Thanks for this info. I’m pretty sure that was missing also in previous versions.

    I merged it for the next update.

    Have a nice day.

    Best regards,
    Günter

    #1232771

    Thanks Gunter, really appreciate you adding that to the next release. May want to double check the other ALB elements as well?

    #1233039

    Hi,

    We will do, but if you find something please report it. Helps us to speed up fixing.
    Thanks in advance.

    Have a great day.

    Best regards,
    Günter

    #1306834

    can close

Viewing 14 posts - 1 through 14 (of 14 total)
  • The topic ‘Insecure links on ALB theme elements’ is closed to new replies.