Jump to content

Target="_blank" a security risk


Recommended Posts

Hi my lords

We use Target="_blank" to open linked pages in a new tab or window. But there is a security risk we should aware of. The new tab gain limited access to the linking page via window.opener. which it can then use to alter the linking page's url via window.opener.location. this might be a problem if the external redource is not trustworthy. Might have been hacked, the domain has chamged owner over the years etc.

We should always add rel="noopener noreferrer" Attribute to all of our target="_blank" links. 

in order to prevent a link that is opened in a new tab from cousing any trouble.



Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...