Open QiAnXinCodeSafe opened 3 years ago
hi: Use the target attribute in the <a> tag and set the value to _blank. Attackers will attack the window.opener API with malicious behavior, which may cause phishing security vulnerabilities.
<a>
_blank
window.opener
mockiato/public/index.html L74 mockiato-master/public/partials/templateForm.html L4
It is recommended to use rel="noopenner noreferrer" when using target="_blank".
rel="noopenner noreferrer"
target="_blank"
hi: Use the target attribute in the
<a>tag and set the value to_blank. Attackers will attack thewindow.openerAPI with malicious behavior, which may cause phishing security vulnerabilities.mockiato/public/index.html L74 mockiato-master/public/partials/templateForm.html L4
It is recommended to use
rel="noopenner noreferrer"when usingtarget="_blank".