kyriazhs1975 Posted October 17, 2021 Posted October 17, 2021 Hi my lords We use Target="_blank" to open linked pages in a new tab or window. But there is a security risk we should aware of. The new tab gain limited access to the linking page via window.opener. which it can then use to alter the linking page's url via window.opener.location. this might be a problem if the external redource is not trustworthy. Might have been hacked, the domain has chamged owner over the years etc. We should always add rel="noopener noreferrer" Attribute to all of our target="_blank" links. in order to prevent a link that is opened in a new tab from cousing any trouble. Unienc 1
opentype Posted October 17, 2021 Posted October 17, 2021 It already works like that. <a href="#" rel="external noopener" target="_blank">Something</a> The “noreferrer” was only necessary as a work-around for Firefox, but that is not necessary anymore.
kyriazhs1975 Posted October 17, 2021 Author Posted October 17, 2021 9 minutes ago, opentype said: The “noreferrer” was only necessary as a work-around for Firefox, but that is not necessary anymore. This can also be logical. But we have to consider all aspects
Recommended Posts