consuldemocracy icon indicating copy to clipboard operation
consuldemocracy copied to clipboard
verified publisher icon consuldemocracy

Check target attribute in links

Open taitus opened this issue 4 years ago • 11 comments

Description

Type: Bug

Current Behavior

When I click a link which mentions it opens in a new window, it does not open in a new window.

Expected Behavior

When I click a link which mentions it opens in a new window, it opens in a new window.

Steps to reproduce

  1. Go to sign_up page
  2. Click on terms and conditions of use

taitus avatar Feb 12 '21 15:02 taitus

By that you mean a new tab? You're right. It really says that but opens in the same window. In this line the target is set to "_blank", but the page doesn't contain that.

image

Isaius avatar Feb 16 '21 20:02 Isaius

By that you mean a new tab?

@Isaius Yes :wink:.

javierm avatar Feb 17 '21 16:02 javierm

I'll try to find it out why isn't working.

Isaius avatar Feb 17 '21 17:02 Isaius

I've found the cause. The ActionView Sanitizer helper isn't allowing the target tag. As you can see here

Just adding this to the application.rb file solves the problem.

# In config/application.rb
config.action_view.sanitized_allowed_tags = ['strong', 'em', 'a']
config.action_view.sanitized_allowed_attributes = ['href', 'title']

Isaius avatar Feb 17 '21 19:02 Isaius

Reading the #4223 issue I think that's intentional, @javierm ?

Isaius avatar Feb 18 '21 16:02 Isaius

@Isaius It's something that might need debate in the future :thinking:. In the meantime, we're trying to keep the behavior we had in version 1.0.

Regarding this issue, maybe we could allow the target attribute when sanitizing check box labels :thinking:. Do you think it sounds reasonable, at least for now?

javierm avatar Feb 18 '21 17:02 javierm

I think so. Open the terms in a new window makes more sense to me, since stop the registration, load a new page in the same window to read them, then comeback to the page may lead the user to close that tab instead of backwards one page, losing the already inserted data.

Isaius avatar Feb 18 '21 18:02 Isaius

@javierm You mean adding target to this line? If so, tried that and didn't work.

Isaius avatar Feb 19 '21 15:02 Isaius

I meant I was wondering whether it would be fine to add an attributes param in the call to sanitize when sanitizing check box labels in order to include the target attribute.

javierm avatar Feb 19 '21 16:02 javierm

This is still happening in every sanitized text. I solve it adding this line in application.rb:

config.after_initialize do
      Globalize.set_fallbacks_to_all_available_locales
      # new line
      ActionView::Base.sanitized_allowed_attributes.add 'target' 
end

May I open a pull request for this?

diegozen avatar Sep 07 '22 09:09 diegozen

Hi, @DiegoZen :smile:.

For now, as mentioned earlier, I'd rather add an attributes param in the call to sanitize when sanitizing check box labels in order to include the target attribute.

The reason is that automatically opening links in a new tab is an accessibility/usability issue (and removing some of the existing target attributes is on our TODO list), and allowing it globally would encourage this practice.

javierm avatar Sep 07 '22 10:09 javierm

Closed via #5283.

javierm avatar Apr 08 '24 21:04 javierm