DEV Community

Cover image for Using "noopener" and ”noreferrer” against Phishing Attacks

Using "noopener" and ”noreferrer” against Phishing Attacks

obetomuniz profile image Beto Muniz ・1 min read

Want to help users to avoid some Phishing Attacks with HTML?

👉 Use rel="noopener noreferrer" while adding external links to your website to improve user navigation security.

<a rel="noopener noreferrer" href="https://...">
 External Link
Enter fullscreen mode Exit fullscreen mode

🐿 noopener: tells the browser to remove sensitive data from window.opener object when the user arrives at the destination website.

🤓 noreferrer: protect sensitive data of the origin website removing it from the Referrer header while the user navigates between origin website and destination website.

😋 Super easy security strategy to implement. Adopt this recommendation without moderation.

💌 Also, don't miss content like this signing my newsletter.

Discussion (0)

Editor guide