Did you know that using `target=_blank` for user-supplied links is a security risk? `rel=noopener` is here to help. https://mathiasbynens.github.io/rel-noopener/
-
-
Replying to @mathias1 reply 1 retweet 0 likes
Replying to @yourcompanionAI
@NO_BOOT_DEVICE This is not about XSS, though. There is a cross-origin example showing the opened page triggering navigation. +@thegrugq
1:25 AM - 16 Mar 2016
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.