
Target="_blank" – the vulnerability in your browser

Lately I have read about a shocking vulnerability which resides in every browser due to a design flaw. It exposes you to an attack called tabnabbing: a page you open from a link switches the tab you came from to a malicious webpage, where you could be asked to enter your password again. Such phishing pages are often disguised as regular login pages.

The vulnerability

Okay, back to the vulnerability. Usually, when creating links in an HTML page, it looks like this:

<a href="http://google.com/" target="_blank">This is a link to a bad webpage.</a>

The target="_blank" attribute tells the browser to open the link in a new tab or window. What you probably did not know: the new page receives a reference to the window that opened it, and it can use that reference to navigate the original tab to a different URL.

The Window.opener property is responsible for this behaviour. Mozilla (MDN) states:

When a window is opened from another window (using Window.open), it maintains a reference to that first window as window.opener. If the current window has no opener, this method returns NULL.

Demonstration

I created a little test page to demonstrate the vulnerability. Nothing bad will happen if you click the following link; you are safe. So try it out now:

Go to the page.

A nice demonstration can also be found here: About rel=noopener

Solution

To fix this problem, add the following attribute to your links:
rel='noopener noreferrer'

For example:

<a rel='noopener noreferrer' href="http://google.com/" target="_blank">This is a link to a bad webpage.</a>

Try out the test page with noopener:

Go to the page.
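As an added example (not the post's own code), here is a small Node/JavaScript scanner that flags target="_blank" links whose rel attribute lacks noopener in an HTML source, and rewrites them with the attribute the post recommends. It assumes plain HTML text and uses a regex-based attribute parser rather than a full HTML parser, so it is a linting aid for simple pages and templates.

```javascript
// Added example: find and fix <a target="_blank"> links missing rel="noopener".
// Assumption: a regex-based attribute parser is good enough for plain HTML
// snippets; it is not a full HTML parser.
const ANCHOR_RE = /<a\b([^>]*)>/gi;
const ATTR_RE = /([^\s=]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
const REL_ATTR_RE = /\brel\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+)/i;

// Parse the attribute text of one opening tag into a lowercase-keyed object.
function parseAttrs(attrText) {
  const attrs = {};
  for (const m of attrText.matchAll(ATTR_RE)) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? '';
  }
  return attrs;
}

// True when the tag opens a new browsing context but keeps window.opener:
// target="_blank" (case-insensitive) without a "noopener" token in rel.
function lacksNoopener(attrs) {
  if ((attrs.target || '').toLowerCase() !== '_blank') return false;
  const tokens = (attrs.rel || '').toLowerCase().split(/\s+/).filter(Boolean);
  return !tokens.includes('noopener');
}

// Existing rel tokens plus noopener and noreferrer, without duplicates.
function fixedRel(attrs) {
  const tokens = (attrs.rel || '').split(/\s+/).filter(Boolean);
  const lower = tokens.map(t => t.toLowerCase());
  for (const t of ['noopener', 'noreferrer']) if (!lower.includes(t)) tokens.push(t);
  return tokens.join(' ');
}

// Return every opening <a> tag that needs fixing, as written in the source.
function findUnsafeBlankLinks(html) {
  const hits = [];
  for (const m of html.matchAll(ANCHOR_RE)) {
    if (lacksNoopener(parseAttrs(m[1]))) hits.push(m[0]);
  }
  return hits;
}

// Rewrite unsafe tags: extend an existing rel attribute or add a new one.
function addNoopener(html) {
  return html.replace(ANCHOR_RE, (tag, attrText) => {
    const attrs = parseAttrs(attrText);
    if (!lacksNoopener(attrs)) return tag;
    const rel = `rel="${fixedRel(attrs)}"`;
    return 'rel' in attrs ? tag.replace(REL_ATTR_RE, rel) : `<a ${rel}${attrText}>`;
  });
}

// Constructed sample input: one unsafe link, one already fixed, one same-tab
// link, and one with a rel attribute that still lacks noopener.
const SAMPLE_HTML = '<p><a href="http://google.com/" target="_blank">bad</a> ' +
  "<a rel='noopener noreferrer' href=\"http://google.com/\" target=\"_blank\">ok</a> " +
  '<a href="/local">same tab</a> <a href="/x" target="_BLANK" rel="nofollow">rel only</a></p>';

console.log(findUnsafeBlankLinks(SAMPLE_HTML));
console.log(addNoopener(SAMPLE_HTML));
```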

Published in IT-Security

2 Comments

  1. shadow fight 2 hack apk

    Quite nice post, I definitely adore this site, keep on it.
