WordPress.org

Make WordPress Core

Opened 9 months ago

Closed 9 months ago

#49313 closed enhancement (duplicate)

Add rel="noopener noreferrer" to plugins screen links

Reported by: laurencebahiirwa Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Plugins Keywords: has-patch has-screenshots
Focuses: administration Cc:

Description

This page a couple of JavaScript files running which leaves the website owner vulnerable. It is a common link click area.

When you open another page using target="_blank", the other page may run on the same process as your page, unless Site Isolation is enabled. If the other page is running a lot of JavaScript, your page's performance may also suffer.

Ref: https://developers.google.com/web/tools/lighthouse/audits/noopener

Attachments (3)

plugin-links-rel.diff (1.4 KB) - added by laurencebahiirwa 9 months ago.
patch file
patch-missing.png (209.8 KB) - added by laurencebahiirwa 9 months ago.
Screenshot without patch
patch-screenshot.png (205.4 KB) - added by laurencebahiirwa 9 months ago.
Screenshot patch

Download all attachments as: .zip

Change History (4)

@laurencebahiirwa
9 months ago

patch file

@laurencebahiirwa
9 months ago

Screenshot without patch

@laurencebahiirwa
9 months ago

Screenshot patch

#1 @SergeyBiryukov
9 months ago

  • Component changed from General to Plugins
  • Focuses administration added
  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi there, welcome to WordPress Trac!

Thanks for the ticket, we're already tracking this enhancement in #37941.

Note: See TracTickets for help on using tickets.