Add %HTML.TargetNoreferrer, which adds rel="noreferrer" when target attribute is set

Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>

tests/HTMLPurifier/HTMLModule/TargetBlankTest.php

@@ -13,7 +13,7 @@ class HTMLPurifier_HTMLModule_TargetBlankTest extends HTMLPurifier_HTMLModuleHar
     {
         $this->assertResult(
             '<a href="http://google.com">a</a><a href="/local">b</a><a href="mailto:foo@example.com">c</a>',
-            '<a href="http://google.com" target="_blank">a</a><a href="/local">b</a><a href="mailto:foo@example.com">c</a>'
+            '<a href="http://google.com" target="_blank" rel="noreferrer">a</a><a href="/local">b</a><a href="mailto:foo@example.com">c</a>'
         );
     }
 

tests/HTMLPurifier/HTMLModule/TargetNoreferrerTest.php

@@ -0,0 +1,42 @@
+<?php
+
+class HTMLPurifier_HTMLModule_TargetNoreferrerTest extends HTMLPurifier_HTMLModuleHarness
+{
+
+    public function setUp()
+    {
+        parent::setUp();
+        $this->config->set('HTML.TargetNoreferrer', true);
+        $this->config->set('Attr.AllowedFrameTargets', '_blank');
+    }
+
+    public function testNoreferrer()
+    {
+        $this->assertResult(
+            '<a href="http://google.com" target="_blank">x</a>',
+            '<a href="http://google.com" target="_blank" rel="noreferrer">x</a>'
+        );
+    }
+
+    public function testNoreferrerNoDupe()
+    {
+        $this->config->set('Attr.AllowedRel', 'noreferrer');
+        $this->assertResult(
+            '<a href="http://google.com" target="_blank" rel="noreferrer">x</a>',
+            '<a href="http://google.com" target="_blank" rel="noreferrer">x</a>'
+        );
+    }
+
+    public function testTargetBlankNoreferrer()
+    {
+        $this->config->set('HTML.TargetBlank', true);
+        $this->assertResult(
+            '<a href="http://google.com">x</a>',
+            '<a href="http://google.com" target="_blank" rel="noreferrer">x</a>'
+        );
+    }
+
+
+}
+
+// vim: et sw=4 sts=4