No Opener, No Phishers
Reduce the risk of falling victim to phishing attacks.
Any website that uses target="_blank" on their links, allows user generated content and doesn't use the rel="noopener" attribute on their links (I'm looking at you Facebook, Twitter etc.) is vulnerable to a scarily simple phishing attack.
For an example of this kind of attack, view this example that I've made: https://jamiefarrelly.github.io/Rel-NoOpener-Example/
This Chrome extension is as simple as it gets, all it does is add "noopener noreferrer" to the rel attribute on all links on the pages that you're visiting so that you won't fall victim to this type of phishing attack.
Open source on Github https://github.com/JamieFarrelly/No-Opener-No-Phishers
Latest reviews
It would have been nicer if the extension allowed making exceptions for some sites via a whitelist.
It would have been nicer if the extension allowed making exceptions for some sites via a whitelist.
PSA: This is no longer required if you're on version 88 or newer on any platform that uses Chromium (e.g. Chrome, New Edge, Brave, etc.). https://www.chromestatus.com/feature/6140064063029248
PSA: This is no longer required if you're on version 88 or newer on any platform that uses Chromium (e.g. Chrome, New Edge, Brave, etc.). https://www.chromestatus.com/feature/6140064063029248
This feature is now baked into Chrome so the extension can be removed for most purposes. Where a site links to a target other than "_blank", e.g. "_potato" the same security issue still exists. Not sure if this extension only works with _blank links
This feature is now baked into Chrome so the extension can be removed for most purposes. Where a site links to a target other than "_blank", e.g. "_potato" the same security issue still exists. Not sure if this extension only works with _blank links
No longer needed since Chrome 88! (see crbug 898942 for details) Thanks for creating this extension.
No longer needed since Chrome 88! (see crbug 898942 for details) Thanks for creating this extension.
Simple and effective. Successfully tested at https://mathiasbynens.github.io/rel-noopener/ in Vivaldi 2.10.1745.27 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36).
Simple and effective. Successfully tested at https://mathiasbynens.github.io/rel-noopener/ in Vivaldi 2.10.1745.27 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36).
works fine and nice extension!
works fine and nice extension!
This does exactly what you'd want and expect it to do. The actual code is a single line of JS to simply add the 'noopener', and 'noreferrer' attributes to all links with a target of _blank. It's a clean and simple extension that should be baked directly into Chrome itself.
This does exactly what you'd want and expect it to do. The actual code is a single line of JS to simply add the 'noopener', and 'noreferrer' attributes to all links with a target of _blank. It's a clean and simple extension that should be baked directly into Chrome itself.
It does what it says. You can check (and better understand) its effectiveness on this website: https://mathiasbynens.github.io/rel-noopener/ Thanks Jamie.
It does what it says. You can check (and better understand) its effectiveness on this website: https://mathiasbynens.github.io/rel-noopener/ Thanks Jamie.
Thanks Jamie! Glad to have this protection in Chrome.
