Hi!
Did you know that whenever you click on a hyperlink that opens a page in a new tab, the new page is able to control what page is loaded in the previous tab?
"Why is this bad for me?"
This is how advertisers bother you to its fullest extent, or worse, how a hacker could replace the previous tab with a fake login page of the service you navigate from when you follow a link to an evil webpage.
"That's not good! What now?"
The World Wide Web Consortium (W3C) decided that something needed to be created to stop this from happening, and the "rel=noopener" attribute was born.
This attribute can be added to any hyperlink to prevent the new window from accessing the previous window object.
"Sweet!"
Well, here's the catch: Because they didn't want to 'break the internet' this became an optional attribute that web developers and designers have to add to each single hyperlink in order to protect you. This means that trillions of Hyperlinks that do not give us this protection have to be fixed, manually, and let's be honest, this will not happen.
"Break the internet? But.. my security!"
Well, they do have a point in some way, since some web applications make use of this function, it would break those web applications if they would just change the way hyperlinks work.
"So what now?"
I created a simple browser extension to solve this problem for you.
When you add this extension to your browser, all it will do is add the "rel=noopener" attribute to any hyperlink that opens a page in a new tab or window.
"But won't this 'break my internet'?"
Nope! Because when a hyperlink points to a web page hosted on the same domain name as the one you're on, it will NOT add the rel=noopener attribute. Neat huh?
"Does it do anything else?"
No, that's all! :]
I just want to share this with the rest of the internet.
"Can you give me some technical details?"
Sure thing! Basically, this add-on:
1. Searches for any hyperlink that points to a page that is not hosted on the same domain as the viewed page and checks if it has the target="_blank" attribute.
2A. If the found Hyperlink has no rel= attribute, it adds rel=noopener to the hyperlink.
2B. If the found Hyperlink already has a rel= attribute the noopener value is added if it does not exist, leaving all other values intact.
Did you know that whenever you click on a hyperlink that opens a page in a new tab, the new page is able to control what page is loaded in the previous tab?
"Why is this bad for me?"
This is how advertisers bother you to its fullest extent, or worse, how a hacker could replace the previous tab with a fake login page of the service you navigate from when you follow a link to an evil webpage.
"That's not good! What now?"
The World Wide Web Consortium (W3C) decided that something needed to be created to stop this from happening, and the "rel=noopener" attribute was born.
This attribute can be added to any hyperlink to prevent the new window from accessing the previous window object.
"Sweet!"
Well, here's the catch: Because they didn't want to 'break the internet' this became an optional attribute that web developers and designers have to add to each single hyperlink in order to protect you. This means that trillions of Hyperlinks that do not give us this protection have to be fixed, manually, and let's be honest, this will not happen.
"Break the internet? But.. my security!"
Well, they do have a point in some way, since some web applications make use of this function, it would break those web applications if they would just change the way hyperlinks work.
"So what now?"
I created a simple browser extension to solve this problem for you.
When you add this extension to your browser, all it will do is add the "rel=noopener" attribute to any hyperlink that opens a page in a new tab or window.
"But won't this 'break my internet'?"
Nope! Because when a hyperlink points to a web page hosted on the same domain name as the one you're on, it will NOT add the rel=noopener attribute. Neat huh?
"Does it do anything else?"
No, that's all! :]
I just want to share this with the rest of the internet.
"Can you give me some technical details?"
Sure thing! Basically, this add-on:
1. Searches for any hyperlink that points to a page that is not hosted on the same domain as the viewed page and checks if it has the target="_blank" attribute.
2A. If the found Hyperlink has no rel= attribute, it adds rel=noopener to the hyperlink.
2B. If the found Hyperlink already has a rel= attribute the noopener value is added if it does not exist, leaving all other values intact.
