fix(email-templates): fixes <a> security issues

apps/comms/email-templates/account-invite/email.html

@@ -146,15 +146,15 @@
                         <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="border-collapse:separate;line-height:100%;">
                           <tr>
                             <td align="center" bgcolor="#2563EB" role="presentation" style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#2563EB;" valign="middle">
-                              <a href="{{.Link}}" style="display:inline-block;background:#2563EB;color:#ffffff;font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;" target="_blank"> Accept Invite </a>
+                              <a href="{{.Link}}" rel="noopener noreferrer" style="display:inline-block;background:#2563EB;color:#ffffff;font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;" target="_blank"> Accept Invite </a>
                             </td>
                           </tr>
                         </table>
                       </td>
                     </tr>
                     <tr>
                       <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                        <div style="font-family:Open Sans, Arial;font-size:16px;line-height:1.5;text-align:left;color:#555555;">Alternatively, you can copy and paste the following URL into your browser: <a href="{{.Link}}">{{.Link}}</a></div>
+                        <div style="font-family:Open Sans, Arial;font-size:16px;line-height:1.5;text-align:left;color:#555555;">Alternatively, you can copy and paste the following URL into your browser: <a href="{{.Link}}" rel="noopener noreferrer">{{.Link}}</a></div>
                       </td>
                     </tr>
                     <tr>

apps/comms/email-templates/account-invite/email.mjml

@@ -1,3 +1,4 @@
+<!-- vim: set ft=html: -->
 <mjml>
   <mj-body background-color="#f7f7f7">
     <mj-section padding="20px 0">
@@ -13,12 +14,12 @@
         <mj-text font-family="Open Sans, Arial" font-size="16px" color="#555" line-height="1.5">
           To accept, please click the button below.
         </mj-text>
-        <mj-button align="left" href="{{.Link}}" background-color="#2563EB" font-size="16px" color="#fff">
+        <mj-button align="left" href="{{.Link}}" rel="noopener noreferrer" background-color="#2563EB" font-size="16px" color="#fff">
           Accept Invite
         </mj-button>
         <mj-text font-family="Open Sans, Arial" font-size="16px" color="#555" line-height="1.5">
           Alternatively, you can copy and paste the following URL into your browser:
-          <a href="{{.Link}}">{{.Link}}</a>
+          <a href="{{.Link}}" rel="noopener noreferrer">{{.Link}}</a>
         </mj-text>
         <mj-text font-family="Open Sans, Arial" font-size="14px" color="#888">
           If you have any questions or need assistance, please don't hesitate to contact us.

apps/comms/email-templates/project-invite/email.html

@@ -1,5 +1,4 @@
 <!-- DO NOT EDIT: generated with `email.mjml` in their online editor -->
-<!-- source: https://mjml.io/try-it-live/7JYt3Yl1eX -->
 <!doctype html>
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
 
@@ -147,15 +146,15 @@
                         <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="border-collapse:separate;line-height:100%;">
                           <tr>
                             <td align="center" bgcolor="#2563EB" role="presentation" style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#2563EB;" valign="middle">
-                              <a href="{{.Link}}" style="display:inline-block;background:#2563EB;color:#ffffff;font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;" target="_blank"> Accept Invite </a>
+                              <a href="{{.Link}}" rel="noopener noreferrer" style="display:inline-block;background:#2563EB;color:#ffffff;font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;" target="_blank"> Accept Invite </a>
                             </td>
                           </tr>
                         </table>
                       </td>
                     </tr>
                     <tr>
                       <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                        <div style="font-family:Open Sans, Arial;font-size:16px;line-height:1.5;text-align:left;color:#555555;">Alternatively, you can copy and paste the following URL into your browser: <a href="{{.Link}}">{{.Link}}</a></div>
+                        <div style="font-family:Open Sans, Arial;font-size:16px;line-height:1.5;text-align:left;color:#555555;">Alternatively, you can copy and paste the following URL into your browser: <a href="{{.Link}}" rel="noopener noreferrer">{{.Link}}</a></div>
                       </td>
                     </tr>
                     <tr>

apps/comms/email-templates/project-invite/email.mjml

@@ -1,3 +1,4 @@
+<!-- vim: set ft=html: -->
 <mjml>
   <mj-body background-color="#f7f7f7">
     <mj-section padding="20px 0">
@@ -13,12 +14,12 @@
         <mj-text font-family="Open Sans, Arial" font-size="16px" color="#555" line-height="1.5">
           To accept, please click the button below.
         </mj-text>
-        <mj-button align="left" href="{{.Link}}" background-color="#2563EB" font-size="16px" color="#fff">
+        <mj-button align="left" href="{{.Link}}" rel="noopener noreferrer" background-color="#2563EB" font-size="16px" color="#fff">
           Accept Invite
         </mj-button>
         <mj-text font-family="Open Sans, Arial" font-size="16px" color="#555" line-height="1.5">
           Alternatively, you can copy and paste the following URL into your browser:
-          <a href="{{.Link}}">{{.Link}}</a>
+          <a href="{{.Link}}" rel="noopener noreferrer">{{.Link}}</a>
         </mj-text>
         <mj-text font-family="Open Sans, Arial" font-size="14px" color="#888">
           If you have any questions or need assistance, please don't hesitate to contact us.

apps/comms/email-templates/reset-password/email.html

@@ -1,5 +1,4 @@
-<!-- FILE: email.mjml -->
-<!-- source: https://mjml.io/try-it-live/nRcfyqsLUS -->
+<!-- DO NOT EDIT: generated with `email.mjml` in their online editor -->
 <!doctype html>
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
 
@@ -147,15 +146,15 @@
                         <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="border-collapse:separate;line-height:100%;">
                           <tr>
                             <td align="center" bgcolor="#2563EB" role="presentation" style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#2563EB;" valign="middle">
-                              <a href="{{.Link}}" style="display:inline-block;background:#2563EB;color:#ffffff;font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;" target="_blank"> Reset Password </a>
+                              <a href="{{.Link}}" rel="noopener noreferrer" style="display:inline-block;background:#2563EB;color:#ffffff;font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;" target="_blank"> Reset Password </a>
                             </td>
                           </tr>
                         </table>
                       </td>
                     </tr>
                     <tr>
                       <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                        <div style="font-family:Open Sans, Arial;font-size:16px;line-height:1.5;text-align:left;color:#555555;">Alternatively, you can copy and paste the following URL into your browser: <a href="{{.Link}}">{{.Link}}</a></div>
+                        <div style="font-family:Open Sans, Arial;font-size:16px;line-height:1.5;text-align:left;color:#555555;">Alternatively, you can copy and paste the following URL into your browser: <a href="{{.Link}}" rel="noopener noreferrer">{{.Link}}</a></div>
                       </td>
                     </tr>
                     <tr>

apps/comms/email-templates/reset-password/email.mjml

@@ -1,3 +1,4 @@
+<!-- vim: set ft=html: -->
 <mjml>
   <mj-body background-color="#f7f7f7">
     <mj-section padding="20px 0">
@@ -13,12 +14,12 @@
         <mj-text font-family="Open Sans, Arial" font-size="16px" color="#555" line-height="1.5">
           To proceed, please click the button below.
         </mj-text>
-        <mj-button align="left" href="{{.Link}}" background-color="#2563EB" font-size="16px" color="#fff">
+        <mj-button align="left" href="{{.Link}}" rel="noopener noreferrer" background-color="#2563EB" font-size="16px" color="#fff">
           Reset Password
         </mj-button>
         <mj-text font-family="Open Sans, Arial" font-size="16px" color="#555" line-height="1.5">
           Alternatively, you can copy and paste the following URL into your browser:
-          <a href="{{.Link}}">{{.Link}}</a>
+          <a href="{{.Link}}" rel="noopener noreferrer">{{.Link}}</a>
         </mj-text>
         <mj-text font-family="Open Sans, Arial" font-size="14px" color="#888">
           If you did not request a password reset or need further assistance, please contact us immediately.

apps/comms/email-templates/user-verification/email.html

@@ -1,4 +1,4 @@
-<!-- FILE: email.mjml -->
+<!-- DO NOT EDIT: generated with `email.mjml` in their online editor -->
 <!doctype html>
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
 
@@ -157,15 +157,15 @@
                         <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="border-collapse:separate;line-height:100%;">
                           <tr>
                             <td align="center" bgcolor="#2563EB" role="presentation" style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#2563EB;" valign="middle">
-                              <a href="{{.Link}}" style="display:inline-block;background:#2563EB;color:#ffffff;font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;" target="_blank"> Verify Email </a>
+                              <a href="{{.Link}}" rel="noopener noreferrer" style="display:inline-block;background:#2563EB;color:#ffffff;font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;" target="_blank"> Verify Email </a>
                             </td>
                           </tr>
                         </table>
                       </td>
                     </tr>
                     <tr>
                       <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                        <div style="font-family:Open Sans, Arial;font-size:16px;line-height:1.5;text-align:left;color:#555555;">Alternatively, you can copy and paste the following URL into your browser: <a href="{{.Link}}">{{.Link}}</a></div>
+                        <div style="font-family:Open Sans, Arial;font-size:16px;line-height:1.5;text-align:left;color:#555555;">Alternatively, you can copy and paste the following URL into your browser: <a href="{{.Link}}" rel="noopener noreferrer">{{.Link}}</a></div>
                       </td>
                     </tr>
                     <tr>