[wp-trac] [WordPress Trac] #59856: target=_blank without noopener security issue in wp-admin/edit-form-advanced.php (and others)
WordPress Trac
noreply at wordpress.org
Sat Dec 30 22:47:25 UTC 2023
#59856: target=_blank without noopener security issue in wp-admin/edit-form-
advanced.php (and others)
--------------------------+------------------------
Reporter: jaydub44 | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: General | Version:
Severity: normal | Resolution: duplicate
Keywords: close | Focuses:
--------------------------+------------------------
Changes (by sabernhardt):
* status: new => closed
* resolution: => duplicate
* milestone: Awaiting Review =>
Comment:
I'll consider this a duplicate of #37941, which proposed editing //any//
links using `target="_blank"` that did not already have `noopener`.
Those four post preview links in `edit-form-advanced.php` hopefully would
be safe even with an old, unsupported browser because their linked pages
are on the same site.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/59856#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list