Prevent phishing when use target="_blank". This JavaScript is self executed. It will find all <a>-Elements in your document and will set the rel-Attribute to "noopener noreferrer".
You can install it wih bower:
bower install noopener-js
Further, you can also install it via NPM:
npm install noopener-js --save
Or just like the oldschool, copy the source or better the minified file into your project.
Very straightforward when using NPM:
<script src="node_modules/noopener-js/dest/noopener.js" type="text/javascript"></script>
Or when using Bower:
<script src="bower_components/noopener-js/dest/noopener.js" type="text/javascript"></script>
If your markup looks like this:
<a href="https://google.de/" target="_blank">Visit Google</a>
Noopener.js will change your markup to this:
<a href="https://google.de/" target="_blank" rel="noopener noreferrer">Visit Google</a>
- https://mathiasbynens.github.io/rel-noopener/
- https://dev.to/ben/the-targetblank-vulnerability-by-example?utm_source=codropscollective
- Test
- Update this readme!