ToriLemons / QA-Practice-One

0 stars 0 forks source link

Minor security and performance impact by use of `target="_blank"` attribute on image gallery links. #19

Open Christopher-Green424 opened 3 years ago

Christopher-Green424 commented 3 years ago

Devices

Device name: Custom Desktop PC Processor: Intel Core i5-6600K 3.5 GHz Quad-Core Processor System type: Windows 10 Pro 64-bit operating system, x64-based processor Resolution: 1920x1080 pixels, 16:9 ratio (~92 PPI density)

Brave Browser Version Version 1.29.79 Chromium: 93.0.4577.63 (Official Build) (64-bit)

Screenshots

Untitled

Notes

As this article explains in more detail, the use of target="_blank" can be a security issue, exploited by "tabnappers". In this case, since the contact form doesn't use target="_blank", it isn't so easily exploited, however if a hacker can put in their own false page after they've "swapped" spots with the page that the user intended to access, and fooled the user into putting in information, that would be a big issue. I recommend adding the attribute rel="noopener noreferrer" to any links that use target="_blank" because there's no reason not to. Apparently it helps with site performance as well.