jackjlli opened a new pull request #5941:
URL: https://github.com/apache/incubator-pinot/pull/5941


   ## Description
   This PR bumps up swagger-ui version and updates related code.
   
   vulnerability: Swagger-ui before 3.18.0 is vulnerable to Reverse Tabnabbing. Setting target="_blank" on anchor tags is unsafe unless used in conjunction with the rel="noopener" attribute. Opening a link via target blank attribute can change the original page; origin policy restrictions set by the browser can be bypassed.
   
   The previous PR (https://github.com/apache/incubator-pinot/pull/5896) didn't make the related required code change in html files, and some front-end files have already changed their locations in the newer swagger-ui version.
   
   The below is the screenshot after making the code change:
   ![Screen Shot 2020-08-28 at 1 43 21 PM](https://user-images.githubusercontent.com/35080149/91613767-071b7580-e935-11ea-9628-c206138af9be.png)
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
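
The condition named in the vulnerability note above (target="_blank" without rel="noopener") can be checked mechanically in static HTML. The following is an added example, not code from this PR, Pinot or swagger-ui; the function names and the sample markup are assumptions made for illustration, and it treats rel="noreferrer" as safe because that keyword implies noopener.

```javascript
// Added example. SAMPLE_HTML is constructed markup, not taken from swagger-ui or Pinot.
const SAMPLE_HTML = `
<a href="https://example.com/docs" target="_blank">docs</a>
<a href="https://example.com/api" target="_blank" rel="noopener noreferrer">api</a>
<a href='https://example.com/x' TARGET='_blank' rel="nofollow">x</a>
<a href="/local">local</a>
<a href="https://example.com/r" target=_blank rel=noreferrer>r</a>
`;

// Opening <a> tags. Simplification: assumes no literal ">" inside attribute values.
const ANCHOR_RE = /<a(?=[\s>])[^>]*>/gi;
const ATTR_RE = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

// Parse one opening tag into a map with lowercase attribute names.
function parseAttrs(tag) {
  const attrs = Object.create(null);
  for (const m of tag.slice(2, -1).matchAll(ATTR_RE)) {
    const name = m[1].toLowerCase();
    // On duplicate attributes the HTML parser keeps the first one.
    if (!(name in attrs)) attrs[name] = m[2] ?? m[3] ?? m[4] ?? "";
  }
  return attrs;
}

// target="_blank" without rel=noopener (or noreferrer, which implies it).
function isUnsafe(attrs) {
  if ((attrs.target || "").toLowerCase() !== "_blank") return false;
  const rel = (attrs.rel || "").toLowerCase().split(/\s+/);
  return !rel.includes("noopener") && !rel.includes("noreferrer");
}

function findUnsafeAnchors(html) {
  return (html.match(ANCHOR_RE) || []).filter((tag) => isUnsafe(parseAttrs(tag)));
}

// Rewrite unsafe anchors, keeping existing rel tokens and appending noopener.
function harden(html) {
  return html.replace(ANCHOR_RE, (tag) => {
    const attrs = parseAttrs(tag);
    if (!isUnsafe(attrs)) return tag;
    attrs.rel = `${attrs.rel || ""} noopener`.trim();
    const out = Object.entries(attrs)
      .map(([k, v]) => `${k}="${v.replace(/"/g, "&quot;")}"`)
      .join(" ");
    return `<a ${out}>`;
  });
}

console.log(findUnsafeAnchors(SAMPLE_HTML)); // the two tags missing noopener
console.log(findUnsafeAnchors(harden(SAMPLE_HTML)).length);
```

Anchors created at runtime by script are not covered by a static scan like this one and need the same rel value set where they are built.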


