fix(security): add noopener,noreferrer to all window.open calls

Prevent reverse tabnapping by adding security attributes to all
window.open calls that open links in new tabs.

web-front/src/views/ClientLinks.vue

@@ -369,7 +369,7 @@ export default {
               copyToClipboard(link)
               return
             }
-            window.open(link, '_blank')
+            window.open(link, '_blank', 'noopener,noreferrer')
             ElMessage.success('正在唤起迅雷下载')
             break
             
@@ -386,7 +386,7 @@ export default {
     // 下载客户端
     const downloadClient = (type) => {
       const url = getClientDownloadUrl(type)
-      window.open(url, '_blank')
+      window.open(url, '_blank', 'noopener,noreferrer')
       ElMessage.success(`正在跳转到 ${getClientDisplayName(type)} 下载页面`)
     }
 

web-front/src/views/Home.vue

@@ -1309,7 +1309,7 @@ export default {
     // 文件点击处理
     handleFileClick(file) {
       if (file.parserUrl) {
-        window.open(file.parserUrl, '_blank')
+        window.open(file.parserUrl, '_blank', 'noopener,noreferrer')
       } else {
         this.$message.warning('该文件暂无下载链接')
       }
@@ -1439,7 +1439,7 @@ export default {
 错误信息：${JSON.stringify(this.errorDetail, null, 2)}`;
       navigator.clipboard.writeText(text).then(() => {
         this.$message.success('已复制分享信息和错误详情');
-        window.open('https://github.com/qaiu/netdisk-fast-download/issues/new', '_blank');
+        window.open('https://github.com/qaiu/netdisk-fast-download/issues/new', '_blank', 'noopener,noreferrer');
       }).catch(() => {
         this.$message.error('复制失败');
       });

web-front/src/views/Playground.vue

@@ -1178,7 +1178,7 @@ function parseById(shareLinkInfo, http, logger) {
     
     // 新窗口打开首页
     const goHomeInNewWindow = () => {
-      window.open('/', '_blank');
+      window.open('/', '_blank', 'noopener,noreferrer');
     };
     
     // 检查是否有未保存的文件