andre/30-seconds-of-code
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Bake dates into articles

Browse Source
This commit is contained in:
Isabelle Viktoria Maciohsek
2021-06-13 19:52:48 +03:00
parent 65528cce0d
commit 9482b077ec
123 changed files with 246 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
blog_posts/javascript-target-blank.md
View File

@ -5,6 +5,8 @@ tags: javascript,browser,security
authors: chalarangelo
cover: blog_images/laptop-with-code.jpg
excerpt: Opening a link in a new tab comes with a security vulnerability that you may not be aware of. Protect your users with this simple trick.
firstSeen: 2020-11-20T09:19:07+02:00
lastUpdated: 2021-06-12T19:30:41+03:00
---
Oftentimes, when linking to an external resource from our websites, we use `target="_blank"` to open the linked page in a new tab or window. But there is a security risk we should be aware of. The new tab gains limited access to the linking page (i.e. our website) via `window.opener`, which it can then use to alter the linking page's URL via `window.opener.location` (this is known as tabnabbing).