Did you know that using `target=_blank` for user-supplied links is a security risk? `rel=noopener` is here to help. https://mathiasbynens.github.io/rel-noopener/
@steffenweber Sure, and so is `window.open`. But if you allow those in user-generated content you have bigger problems…
-
-
@mathias Agreed, access to window.opener is probably a minor problem in that case.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.