DEV Community

Cover image for Using "noopener" and ”noreferrer” against Phishing Attacks
Beto Muniz
Beto Muniz

Posted on

Using "noopener" and ”noreferrer” against Phishing Attacks

Want to help users to avoid some Phishing Attacks with HTML?

👉 Use rel="noopener noreferrer" while adding external links to your website to improve user navigation security.

<a rel="noopener noreferrer" href="https://...">
 External Link
</a>
Enter fullscreen mode Exit fullscreen mode

🐿 noopener: tells the browser to remove sensitive data from window.opener object when the user arrives at the destination website.

🤓 noreferrer: protect sensitive data of the origin website removing it from the Referrer header while the user navigates between origin website and destination website.


😋 Super easy security strategy to implement. Adopt this recommendation without moderation.

💌 Also, don't miss content like this signing my newsletter.

Discussion (0)