If you add an external link in the template or in the post and use the
target="_blank"attribute, then immediately complete the
rel="noopener"on the links.
Looks like this is still not much known by bloggers (including me who just found out hehehe ...).
When we link other web pages to our blog page using
target="_blank"attribute on external links is also vulnerable. The new page has access to the window object through
window.opener, and can direct our page to a different URL using
window.opener.location = newURL.
For that, please fix the external link that uses
target="_blank"on your blog by adding the
rel="noopener"like the following example:
<a href="http://www.domainLain.com/"rel="noopener" target="_blank" title="Domain Lain">Domain Lain</a>
If combined with
rel="nofollow"the writing is as follows:
<a href="http://www.domainLain.com/" rel="nofollow noopener" target="_blank" title="Domain Lain">Domain Lain</a>