<div class="footer">
<h2>How It Works</h2>
<p class="small-print">BIP 353 resolves DNS TXT records into <code>bitcoin:</code> URIs. Any standard (reusable) <code>bitcoin:</code> URI should work, for example a URI with a BOLT 12 offer (starting with lno), a Silent Payments Address (starting with sp), and an on-chain address may look like <code>bitcoin:1OnChain?lno=lno1lightningoffer&sp=sp1qsilentpayment</code></p>
- <p class="small-print">Note that most BIP 353 names rely on <a rel="noreferrer" href="https://bolt12.org">BOLT 12</a> or <a rel="noreferrer" href="https://silentpayments.xyz">Silent Payments</a> and as both are relatively new, wallet support isn't yet universal.</p>
+ <p class="small-print">Note that most BIP 353 names rely on <a rel="noopener noreferrer" href="https://bolt12.org">BOLT 12</a> or <a rel="noopener noreferrer" href="https://silentpayments.xyz">Silent Payments</a> and as both are relatively new, wallet support isn't yet universal.</p>
<p class="small-print">While you're absolutely trusting this site to not provide you with backdoored code, names are fully validated locally on your machine using DNSSEC. Thus, no matter what server you use to resolve the name, the worst they can do is log who you're paying or tell you they're not payable. They can never give you the wrong address!</p>
- <p class="small-print">Trust someone else to host a name for you? Check out <a href="https://twelve.cash">twelve.cash</a></p>
- <p class="tiny-print">Designed by volunteers in the <a rel="noreferrer" href="https://bitcoin.design/">Bitcoin Design Community</a>.</p>
- <p class="tiny-print">Find the full source <a rel="noreferrer" href="https://github.com/TheBlueMatt/satsto.me">on Github</a>.</p>
+ <p class="small-print">Trust someone else to host a name for you? Check out <a rel="noopener noreferrer" href="https://twelve.cash">twelve.cash</a></p>
+ <p class="tiny-print">Designed by volunteers in the <a rel="noopener noreferrer" href="https://bitcoin.design/">Bitcoin Design Community</a>.</p>
+ <p class="tiny-print">Find the full source <a rel="noopener noreferrer" href="https://github.com/TheBlueMatt/satsto.me">on Github</a>.</p>
</div>
<!-- dnssec_prover_wasm.js comes from running wasm-pack build --target web` in the `wasmpack` folder in dnssec-prover -->
if (!/^[\p{ASCII}]*$/u.test(addr_parts[0])) {
document.getElementById("paybutton").classList.add("go-button-disabled");
document.getElementById("errors").classList.add("errors-filled");
- document.getElementById("errors").innerHTML = "To protect against <a href='https://en.wikipedia.org/wiki/IDN_homograph_attack'>Homograph Attacks</a>, the user part of addres must be ASCII";
+ document.getElementById("errors").innerHTML = "To protect against <a rel='nofollow noopener noreferrer' href='https://en.wikipedia.org/wiki/IDN_homograph_attack'>Homograph Attacks</a>, the user part of addres must be ASCII";
return true;
}
if (!/^[\p{ASCII}]*$/u.test(addr_parts[1])) {
document.getElementById("paybutton").classList.add("go-button-disabled");
document.getElementById("errors").classList.add("errors-filled");
- document.getElementById("errors").innerHTML = "To protect against <a rel='nofollow noreferrer' href='https://en.wikipedia.org/wiki/IDN_homograph_attack'>Homograph Attacks</a>, the domain part of addres must be ASCII";
+ document.getElementById("errors").innerHTML = "To protect against <a rel='nofollow noopener noreferrer' href='https://en.wikipedia.org/wiki/IDN_homograph_attack'>Homograph Attacks</a>, the domain part of address must be ASCII";
return true;
}
document.getElementById("paybutton").classList.remove("go-button-disabled");
if (!/^[\p{ASCII}]*$/u.test(contents)) {
value = "Invalid";
} else {
- value += "<a class='address-link' href='bitcoin:" + uri_pfx + contents + "'>" + contents + "</a>";
+ value += "<a rel='nofollow noopener noreferrer' class='address-link' href='bitcoin:" + uri_pfx + contents + "'>" + contents + "</a>";
}
addr_idx += 1;
addr_ty_table += "<div class='address-card'>" + value + "</div>";
};
- var res = "<h2>It works!</h2><p>" + name + " was successfully resolved to the following addresses.</p><p>Your wallet should have automatically opened to pay, but if not, <a href=\"" + bip353 + "\">click here to do so.</a></p>";
+ var res = "<h2>It works!</h2><p>" + name + " was successfully resolved to the following addresses.</p><p>Your wallet should have automatically opened to pay, but if not, <a rel='nofollow noopener noreferrer' href=\"" + bip353 + "\">click here to do so.</a></p>";
if (base_and_params[0].length != 0) {
if (base_and_params[0].startsWith("sp1q")) {
res += "<p>Note: the response included a Silent Payment address which was encoded in the \"body\" position in the URI (i.e. <code>bitcoin:sp1q...</code>) rather than in the \"sp\" query parameter (i.e. <code>bitcoin:?sp=sp1q...</code>). This is incorrect and may cause some wallets to fail to pay on-chain.</p>";