I have a question that has no answers yet on stackexchange.
Then it came into my mind. Well, now that Steemit exists why shouldn't votes become money??
So here is (maybe) the first stackoverflow question on Steemit.. :)
Q: Is noreferrer enough to secure links that use target=" _blank"?
Is the use of noreferrer enough for links that use target="_blank" in order to avoid reverse tabnabbing
For context here is an explanation of the issue:
- "Target=_blank - the most underestimated vulnerability ever"
- "About rel=noopener"
- Steemit article on Tabnabbing performed on social media
So my question is: what's the consequence of forgetting to add also noopener and nofollow (that I see used on most websites)?
Are there browsers that are affected by the lack of the last two attributes?
As far as I know the safest solution is to launch the link in a new tab from a temporary iframe but I see some websites out there using only noreferrer so I was wondering if there's some issue using only noreferrer.