Daniel St. Jules
Full stack dev from Ontario, Canada. Open source is awesome.
http://github.com/danielstjules
Target=”_blank” — the most underestimated vulnerability ever
Alex Yumashev
69424
Unfortunately, your proposed solution doesn’t work in Safari. See https://github.com/danielstjules/blankshield#solutions
“Safari’s cross-origin security prevents the modification of window.opener of a child window if it lies on a different origin, yet still allows the child window to access window.opener.location.”
But a library like https://github.com/danielstjules/blankshield can help work around that :)
