So it's insecure to use target="_blank" without rel="noopener", right? But Google Search does. Ta-da!
They cared enough to invent a new `link` relation and implement it. They just don’t think it warrants a bug bounty. @cramforce
-
-
him.., I didn't meant any bounty, but anyway. I did better have CSP "nav-src self" to allow only to same origin/pages
-
of course from scripts/links/etc only. Not from ombibox
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.