srenault
commented
7 years ago Hey,
Thanks for your contribution!
I think rel='noopener is only necessary if the target's value is _blank.
What do you think?
Closed petetnt closed 7 years ago
srenault
commented
7 years ago Hey,
Thanks for your contribution!
I think rel='noopener is only necessary if the target's value is _blank.
What do you think?
petetnt
commented
7 years ago Hey @srenault,
Yep, it's only needed for blank. However it doesn't matter much as for the other values (_self, _top, _parent) the window.opener is null anyway so noopener doesn't do anything special., so it might be just simpler (and safer) to add noopener anyways.
This PR adds
rel='noopener'to links that might containtarget='_blank'attribute.The
rel='noopener'attribute prevents possible trivial phishing caused by exposedwindow.opener. For more information see https://mathiasbynens.github.io/rel-noopener/Signed-off-by: petetnt pete.a.nykanen@gmail.com