Target blank insecure error

tarnos12 · July 1, 2017, 8:52pm

Hi,

I have a problem with target="_blank", I expect to left click on a link to open it in a new window(and it does).
Sadly it won`t load the page, instead it displays an error :

SecurityError: The operation is insecure.

I googled and found a solution which says to add an attribute to anchor tag: rel="noopener noreferrer"

It does not fix this error.

It will work with ctrl + left click, but target blank is there for a reason(to make it easier and prevent miss click which would force you to reload a page)

Example pen from challenge question has the same problem, which technically means I could ignore it since it is not part of the challenge, but I would prefer to fix it if there is a way.

Here is a challenge link for a reference: https://www.freecodecamp.com/challenges/use-the-twitchtv-json-api

Thanks

kevinSmith · July 1, 2017, 9:09pm

On what platform are you building this? With which browser?

I’ve heard that this is considered a slight security risk. But I think you have to for Codepen.

https://medium.com/@jitbit/target-blank-the-most-underestimated-vulnerability-ever-96e328301f4c

tarnos12 · July 2, 2017, 11:25am

This is that article I found in order to fix my problem, but it does not work for codepen.

@Edit:

I am using Firefox 64bit.

tarnos12 · July 2, 2017, 2:38pm

Yes, that is something I also understood and I tried opening it in debug/full screen mode, but it didn`t work.

It works in debug mode now which is weird.