DEV Community 👩‍💻👨‍💻

Discussion on: target="_blank" is a security risk?

Collapse
phil_dev profile image
Phil Pickering

@deathshadow60 Yes, it was an issue (see background info here: medium.com/sedeo/how-to-fix-target...)

@thehassantahir You might not be aware that this issue has now been fixed in all modern browsers mathiasbynens.github.io/rel-noopener/ 😃

Collapse
thehassantahir profile image
Hassan Tahir Author

yeah that makes sense! Thanks for sharing background.

Collapse
ravavyr profile image
Ravavyr

Read it again, In Edge it's a feature request that's not yet been added. Other than that yes, it's been patched in the other browsers.

You can still be 100% safe by doing -- target="_blank" rel="noopener" -- yourself as that hardly takes any effort.

Collapse
deathshadow60 profile image
deathshadow60

It being fixed in modern browsers is likely why I just tried it here in both Vivaldi and Firefox, and said event did NOT fire.