120 likes
·
3.6K reads
18 comments
Thanks for sharing!
I just pushed a bug fix to one of my repos 😄
Ahh, glad I could help.
😂😂. Nice one!
Wow! Thanks for this valuable piece.
Why is this something that isn't fixed by browsers or the standard(not sure if it's ECMA)?
I mean, there should be a lot of people unaware of this vulnerability. I didn't know about it until like a couple of months ago. If browsers fix this, we shouldn't need to worry about adding another attribute.
I agree with you.
I think browsers are working to get this fixed. Chrome has site isolation already which uses sandboxed renderer processes as a security boundary between web sites, so each site can run in isolated processes. This makes it harder for untrusted websites to initiate phishing attacks on your users. But since not all browsers have implemented this fully on all versions of their software and users might need to either enable this feature, the extra attributes are the best and reliable solution for now.
Useful Reads
I see Bolaji Ayodeji
Good to know they're doing something, well. At least Chrome
Yes Francisco Quintero. Other browsers are following suit.
Wow! Never knew this until now and I make use of the attribute a lot. Thanks for this chief!
Now I fully understand the warning message reactjs displays in my console; that using target="blank" without rel="noopenner noreferrer" is discouraged.
Thanks Bolaji Ayodeji for this insightful article.
Glad it helped you :)
Valuable post, was able to gain a lot from your post
Glad I could help, thanks for reading.
Interesting!
That is truly incredible. Thank you for sharing the knowledge Balaji. I had been blindly using this target='_blank' for many years, without really giving a thought about the technicalities and the possible vulnerabilities if any.
It is a master piece ;)
Thank you for reading, I'm glad this was helpful.
thanks so so much for sharing this, I have something to make reference to.
Thanks for sharing, I've always wondered why React keeps yelling at me to include that attribute.