[wp-trac] [WordPress Trac] #43187: Add pre-save filter to make target="_blank" always secure
WordPress Trac
noreply at wordpress.org
Thu Feb 1 21:11:24 UTC 2018
#43187: Add pre-save filter to make target="_blank" always secure
-------------------------+-----------------------------
Reporter: notnownikki | Owner:
Type: enhancement | Status: reopened
Priority: normal | Milestone: Future Release
Component: General | Version:
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
-------------------------+-----------------------------
Comment (by azaozz):
@notnownikki thanks for the patch, looks good.
Thinking that we should implement this security hardening in as many
browsers as possible. Firefox now supports `rel="noopener"`, but Edge
still doesn't: https://caniuse.com/#feat=rel-noopener. So we should
probably add `noreferrer` there too.
Good explanation of how this works and what it does:
https://mathiasbynens.github.io/rel-noopener/.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43187#comment:24>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list