Stop redirecting links via adminer.org

diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php
index 95879e59161ce627ac4e4a7f8ba8bfbadd5d83c9..bee16a0fee25dd39cd366c3d3224af6fb2ae453d 100644 (file)
--- a/adminer/include/adminer.inc.php
+++ b/adminer/include/adminer.inc.php
@@ -262,7 +262,7 @@ class Adminer {
                if (preg_match('~json~', $field["type"])) {
                        $return = "<code class='jush-js'>$return</code>";
                }
-               return ($link ? "<a href='" . h($link) . "'" . (is_url($link) ? " rel='noreferrer'" : "") . ">$return</a>" : $return);
+               return ($link ? "<a href='" . h($link) . "'" . (is_url($link) ? target_blank() : "") . ">$return</a>" : $return);
        }
 
        /** Value conversion used in select and edit

diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php
index 1d677f3ab94119b474ff8de9d1617b21140a16df..5bff85c5aa0fddd1de2153152c84d4f7dabfd17e 100644 (file)
--- a/adminer/include/functions.inc.php
+++ b/adminer/include/functions.inc.php
@@ -128,7 +128,7 @@ function nonce() {
 * @return string
 */
 function target_blank() {
-       return ' target="_blank" rel="noopener"';
+       return ' target="_blank" rel="noreferrer noopener"';
 }
 
 /** Escape for HTML
@@ -1215,7 +1215,7 @@ function rand_string() {
 * @return string HTML
 */
 function select_value($val, $link, $field, $text_length) {
-       global $adminer, $HTTPS;
+       global $adminer;
        if (is_array($val)) {
                $return = "";
                foreach ($val as $k => $v) {
@@ -1233,11 +1233,8 @@ function select_value($val, $link, $field, $text_length) {
                if (is_mail($val)) {
                        $link = "mailto:$val";
                }
-               if ($protocol = is_url($val)) {
-                       $link = (($protocol == "http" && $HTTPS) || preg_match('~WebKit|Firefox~i', $_SERVER["HTTP_USER_AGENT"]) // WebKit supports noreferrer since 2009, Firefox since version 38
-                               ? $val // HTTP links from HTTPS pages don't receive Referer automatically
-                               : "https://www.adminer.org/redirect/?url=" . urlencode($val) // intermediate page to hide Referer
-                       );
+               if (is_url($val)) {
+                       $link = $val; // IE 11 and all modern browsers hide referrer
                }
        }
        $return = $adminer->editVal($val, $field);
@@ -1268,11 +1265,11 @@ function is_mail($email) {
 
 /** Check whether the string is URL address
 * @param string
-* @return string "http", "https" or ""
+* @return bool
 */
 function is_url($string) {
        $domain = '[a-z0-9]([-a-z0-9]{0,61}[a-z0-9])'; // one domain component //! IDN
-       return (preg_match("~^(https?)://($domain?\\.)+$domain(:\\d+)?(/.*)?(\\?.*)?(#.*)?\$~i", $string, $match) ? strtolower($match[1]) : ""); //! restrict path, query and fragment characters
+       return preg_match("~^(https?)://($domain?\\.)+$domain(:\\d+)?(/.*)?(\\?.*)?(#.*)?\$~i", $string); //! restrict path, query and fragment characters
 }
 
 /** Check if field should be shortened

diff --git a/adminer/static/editing.js b/adminer/static/editing.js
index ab5f5f32f10f5ecee8da513b17cc764084cb5b4f..03288b315e345ff8cb90aff0e4bfc31464ad1222 100644 (file)
--- a/adminer/static/editing.js
+++ b/adminer/static/editing.js
@@ -5,7 +5,7 @@
 */
 function bodyLoad(version) {
        if (window.jush) {
-               jush.create_links = ' target="_blank" rel="noopener"';
+               jush.create_links = ' target="_blank" rel="noreferrer noopener"';
                if (version) {
                        for (var key in jush.urls) {
                                var obj = jush.urls;

diff --git a/changes.txt b/changes.txt
index e8bcf53e525614071134893cf9e92131472ab3c6..9c7ac54cce429b7ae04e79eceb64bfc4ddeeacf6 100644 (file)
--- a/changes.txt
+++ b/changes.txt
@@ -2,6 +2,7 @@ Adminer 4.5.1-dev:
 Fix counting selected rows after going back to select page
 PHP <5.3 compatibility even with Elasticsearch enabled
 Fully support functions in default values
+Stop redirecting links via adminer.org
 MariaDB: Support JSON since MariaDB 10.2
 PostgreSQL: Support functions
 PostgreSQL: Allow editing views with uppercase letters (bug #467)

diff --git a/editor/include/adminer.inc.php b/editor/include/adminer.inc.php
index 519615952f663466f2cc754b1daff8e77e7ef15a..1da44c473975b9ca6425e22f93e163983a4f5e57 100644 (file)
--- a/editor/include/adminer.inc.php
+++ b/editor/include/adminer.inc.php
@@ -195,7 +195,7 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
                        $return = (preg_match('~^(1|t|true|y|yes|on)$~i', $value) ? lang('yes') : lang('no'));
                }
                if ($link) {
-                       $return = "<a href='$link'" . (is_url($link) ? " rel='noreferrer'" : "") . ">$return</a>";
+                       $return = "<a href='$link'" . (is_url($link) ? target_blank() : "") . ">$return</a>";
                }
                if (!$link && !like_bool($field) && preg_match('~int|float|double|decimal~', $field["type"])) {
                        $return = "<div class='number'>$return</div>"; // Firefox doesn't support <colgroup>

diff --git a/plugins/links-direct.php b/plugins/links-direct.php
deleted file mode 100644 (file)
index f1f0a72..0000000
--- a/plugins/links-direct.php
+++ /dev/null
@@ -1,17 +0,0 @@
-<?php
-
-/** Avoid redirecting of external links through adminer.org and disclose the URL of installed Adminer to visited links
-* @link https://www.adminer.org/plugins/#use
-* @author Jakub Vrana, https://www.vrana.cz/
-* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
-* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
-*/
-class AdminerLinksDirect {
-       
-       function selectLink($val, $field) {
-               if (is_url($val)) {
-                       return $val;
-               }
-       }
-       
-}