If you follow This Week in Linux you’ll know Firefox 79 is now adding the rel=“noopener” attribute to all links using target="_blank". I believe they’re the first browser to do this.
<a href="example.com" target="_blank" rel="noopener">link</a>
Because of how Web standards work, without rel=“noopener”
example.com is evil or if they’re compromised.
You can confirm if your browser is vulnerable here: https://mathiasbynens.github.io/rel-noopener/
Fix for Firefox ESR and Firefox < 79:
- Enter about:config into the address bar and press Enter.
- Click “I accept the risk!”
- Search for “dom.targetBlankNoOpener.enabled”
- Double click on the line which turns the value to true.
Fix for Chromium:
- Do your own research finding a browser extension that adds noopener, the best one I could find is this one with 244 users: https://chrome.google.com/webstore/detail/no-opener-no-phishers/hieejlcohhkjbpiihgphcnaaiehphike
When in doubt:
- Right-click the link and choose “Copy Link Location” or “Copy link address”
- Open a new tab, paste to the Address Bar and press Enter.