There is a target="_blank" exploit demonstrated at this page: https://mathiasbynens.github.io/rel-noopener/
Does the same exploit work with target="_new"? Is there anything fundamentally different about how that code works, compared to target="_blank"?
I found a script for GreaseMonkey/ViolentMonkey/TamperMonkey which turns target="_blank" into target="_self" which defeats the exploit. I was wondering if there was any point in extending it to include target="_new".
General discussion about Slimjet, or other issues related to web browser in general.
1 post • Page 1 of 1