Closed kesavsai closed 2 years ago
Issue: Reverse tabnabbing
Observed: when a link is configured to open a new tab in a browser by, for example, adding the target="_blank" attribute to an tag. If done incorrectly, the new page is able to control the referrer and opener objects of the parent window, and use that control to replace the parent site with a phishing site.
Description of changes: Added the noopener and noreferrer values in the rel attribute in tags
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Issue: Reverse tabnabbing
Observed: when a link is configured to open a new tab in a browser by, for example, adding the target="_blank" attribute to an tag. If done incorrectly, the new page is able to control the referrer and opener objects of the parent window, and use that control to replace the parent site with a phishing site.
Description of changes: Added the noopener and noreferrer values in the rel attribute in tags
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.