Exploit using target="_blank"

General discussion about Slimjet, or other issues related to web browser in general.
Post Reply
Anonymosity
Posts: 41
Joined: Sun Feb 24, 2019 6:39 pm

Exploit using target="_blank"

Post by Anonymosity » Mon Jun 10, 2019 12:17 pm

There is a target="_blank" exploit demonstrated at this page: https://mathiasbynens.github.io/rel-noopener/
Does the same exploit work with target="_new"? Is there anything fundamentally different about how that code works, compared to target="_blank"?
I found a script for GreaseMonkey/ViolentMonkey/TamperMonkey which turns target="_blank" into target="_self" which defeats the exploit. I was wondering if there was any point in extending it to include target="_new".

Post Reply