Did you know that using `target=_blank` for user-supplied links is a security risk? `rel=noopener` is here to help. https://mathiasbynens.github.io/rel-noopener/
@WebReflection Gmail seems safe. Twitter and Facebook are still vulnerable to this, it seems.
-
-
@mathias this is a link in my gmail inbox ... how come you say it's safe?pic.twitter.com/IhdNpnughp
-
@WebReflection The reason you can’t tell: they might be using the JavaScript fallback described here: https://mathiasbynens.github.io/rel-noopener/#recommendations …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.