You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Short version - it would probably be a good idea to add rel="noopener" to external links, in addition to target="blank".
Another thought that's almost certainly out of scope for this issue, but related to the discussion of consistency with handling external links, would be adding rel="noopener" to external links (recommended by lighthouse for performance / security - https://developers.google.com/web/tools/lighthouse/audits/noopener).
The text was updated successfully, but these errors were encountered:
mheppler
changed the title
as an end user browsing dataverse, I'd like sites opened in external links to not have access to the same javascript execution context as dataverse
Code Cleanup - better handling of external links
Sep 23, 2019
As @pdurbin noted in his PR comment, we have started to address this issue in adds rel="noopener" attribute to the link formatting in citation.tsv#6249. I will be diligent when reviewing PR that include UI changes which will provide an opportunity to add these rel="noopener" attribures.
I will start a checklist of the places it has been address here, so that if/when this issue gets picked up, we know where this is already done.
Splitting out from #3337 (comment) :
Short version - it would probably be a good idea to add
rel="noopener"
to external links, in addition totarget="blank"
.Another thought that's almost certainly out of scope for this issue, but related to the discussion of consistency with handling external links, would be adding rel="noopener" to external links (recommended by lighthouse for performance / security - https://developers.google.com/web/tools/lighthouse/audits/noopener).
The text was updated successfully, but these errors were encountered: