Skip to content


Ensure secure link target

When a link is created with target="_blank" to open it in a new window, then rel="noopener noreferrer" should be set as well to prevent reverse tabnabbing in older browsers. Reverse tabnabbing occurs when a link opened in a new tab or window has a reference to the original application using the window.opener DOM property. A malicious page can use this to open a phishing page in the original tab without the victim noticing.


Insecure Example

var Test1 = <a target='_blank' href=""></a>

Secure Example

var OkTest3 = <a target="_blank" rel="noopener noreferrer" href=""></a>