Sign in
Log inSign up
Bolaji Ayodeji

120 likes

·

7.5K reads

19 comments

opara prosper
opara prosper
May 15, 2020

Thanks for sharing!

I just pushed a bug fix to one of my repos 😄

3
·
·2 replies
Bolaji Ayodeji
Bolaji Ayodeji
Author
·May 15, 2020

Ahh, glad I could help.

2
·
Ebenezer Oladutemu
Ebenezer Oladutemu
May 16, 2020

😂😂. Nice one!

·
Uchenna Emmanuel
Uchenna Emmanuel
May 30, 2020

Wow! Thanks for this valuable piece.

3
·
Francisco Quintero
Francisco Quintero
May 12, 2020

Why is this something that isn't fixed by browsers or the standard(not sure if it's ECMA)?

I mean, there should be a lot of people unaware of this vulnerability. I didn't know about it until like a couple of months ago. If browsers fix this, we shouldn't need to worry about adding another attribute.

2
·
·3 replies
Bolaji Ayodeji
Bolaji Ayodeji
Author
·May 12, 2020

I agree with you.

I think browsers are working to get this fixed. Chrome has site isolation already which uses sandboxed renderer processes as a security boundary between web sites, so each site can run in isolated processes. This makes it harder for untrusted websites to initiate phishing attacks on your users. But since not all browsers have implemented this fully on all versions of their software and users might need to either enable this feature, the extra attributes are the best and reliable solution for now.

Useful Reads

5
·
Francisco Quintero
Francisco Quintero
May 12, 2020

I see Bolaji Ayodeji

Good to know they're doing something, well. At least Chrome

2
·
Bolaji Ayodeji
Bolaji Ayodeji
Author
·May 12, 2020

Yes Francisco Quintero. Other browsers are following suit.

·
Ebenezer Oladutemu
Ebenezer Oladutemu
May 16, 2020

Wow! Never knew this until now and I make use of the attribute a lot. Thanks for this chief!

2
·
Chigbogu Orji
Chigbogu Orji
Jun 20, 2020

Now I fully understand the warning message reactjs displays in my console; that using target="blank" without rel="noopenner noreferrer" is discouraged. Thanks Bolaji Ayodeji for this insightful article.

2
·
·1 reply
Bolaji Ayodeji
Bolaji Ayodeji
Author
·Jun 20, 2020

Glad it helped you :)

1
·
Agboola Sola
Agboola Sola
Aug 14, 2020

Valuable post, was able to gain a lot from your post

1
·
·1 reply
Bolaji Ayodeji
Bolaji Ayodeji
Author
·Aug 14, 2020

Glad I could help, thanks for reading.

·
Peter Thaleikis
Peter Thaleikis
Sep 1, 2020

Interesting!

1
·
Raghavan alias Saravanan Muthu
Raghavan alias Saravanan Muthu
Feb 13, 2021

That is truly incredible. Thank you for sharing the knowledge Balaji. I had been blindly using this target='_blank' for many years, without really giving a thought about the technicalities and the possible vulnerabilities if any.

It is a master piece ;)

1
·
·1 reply
Bolaji Ayodeji
Bolaji Ayodeji
Author
·Feb 13, 2021

Thank you for reading, I'm glad this was helpful.

1
·
Ayodele Samuel Adebayo
Ayodele Samuel Adebayo
May 15, 2021

thanks so so much for sharing this, I have something to make reference to.

1
·
Favourite Jome
Favourite Jome
May 15, 2021

Thanks for sharing, I've always wondered why React keeps yelling at me to include that attribute.

·
尹兆良
尹兆良
Nov 24, 2023

NICE work!

·