Modern browsers now provide rel=noopener behaviour by default, but some older versions & IE, this behaviour is not present.
We also need rel=noreferrer for IE11 as that doesn't support noopener.
I don't think this should really ever be disabled as it's a pretty major security risk if a forum links to an unsafe site. It might be worth only supplying noreferrer on IE to benefit sites using analytics based on the Referer header.
Fixes #34
This PR prevent security risks on older browsers.
Modern browsers now provide
rel=noopenerbehaviour by default, but some older versions & IE, this behaviour is not present.We also need
rel=noreferrerfor IE11 as that doesn't supportnoopener.I don't think this should really ever be disabled as it's a pretty major security risk if a forum links to an unsafe site. It might be worth only supplying
noreferreron IE to benefit sites using analytics based on theRefererheader.Learn more: