Open Bug 1726806 Opened 3 years ago Updated 3 years ago

limit pagerank accumulation from comment spam via <a rel="ugc" ...> during autolinkification

Categories

(Bugzilla :: Bugzilla-General, enhancement)

enhancement

Tracking

()

UNCONFIRMED

People

(Reporter: fche, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Steps to reproduce:

Observed comment spam with outgoing spam http links.

Actual results:

Bugzilla templating engine gladly autolinkificated http: junk.

Expected results:

The links should be marked with a rel="nofollow" or (more modern) rel="ugc" to deter spamming and prevent search engine penalty. Here's a toy patch against 5.0.

diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 7294e27c1..67a9bec1b 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -211,7 +211,7 @@ sub quoteUrls {
my $safe_protocols = SAFE_URL_REGEXP();
$text =~ s~\b($safe_protocols)
~($tmp = html_quote($1)) &&

  •           ($things[$count++] = "<a href=\"$tmp\">$tmp</a>") &&
    
  •           ($things[$count++] = "<a rel=\"ugc\" href=\"$tmp\">$tmp</a>") &&
              ("\x{FDD2}" . ($count-1) . "\x{FDD3}")
             ~egox;
    
You need to log in before you can comment on or make changes to this bug.