Details
-
Technical Debt
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
1.19.0
Description
As part of FLINK-33325, we introduced a new tab on the Flink dashboard to trigger the async profiler on the JobManager and TaskManager.
The HTML component introduced links out to async profiler page on Github -> https://github.com/async-profiler/async-profiler/wiki.
However, the anchor element introduced does not follow best practices around preventing XSA attacks, by setting up the below:
target="_blank" rel="noopener noreferrer"
We should add these attributes as best practice!