TIL that target=”_blank” is bad. Who knew? (Hackers.)

We all love the target=”_blank” code, which makes links open in a new window. The problem is that once the new window (window.opener) is opened, the new page can have access to the original window, allowing a spoofed URL or redirect.

Scary, right? Someone can post a link on your forum or in the comments of your blog and go to town. In the meantime, be careful of your clicks.

Try the example here to see it in action: http://lcamtuf.coredump.cx/switch/ or here https://mathiasbynens.github.io/rel-noopener

 

Sarah sets the standard in graphic design by not following the pack. Refreshing.

Todd in Arvada – Branding Graphics
Powered by Wordpress Proudly 100% USA Ask us about silver and gold as barter coins

©2000-2018 SW33T Design.