Quick Reference
Element Code: LI-018
Issue: External links with target="_blank" lack rel="noopener"
Impact: Vulnerability to tabnapping attacks where opened page can manipulate opener
Fix: Add rel="noopener" to all target="_blank" links
Detection: HTML audit, security scanners
What Is This Issue?
Links that open in new tabs without rel="noopener" allow the opened page to access window.opener. Malicious pages can use this to redirect your page to a phishing site.
Why This Matters for Your Website
Tabnapping is a real security risk. Users trust that your site will not redirect to malicious content while they browse other tabs.
How to Fix This Issue
- Add rel="noopener": To all target="_blank" links
- Modern browsers help: But older browsers need explicit protection
- Consider rel="noopener noreferrer": For additional privacy
Tools for Detection
- HTML audit: Search for target="_blank" without noopener
TL;DR (The Simple Version)
Your external links that open in new tabs are vulnerable to tabnapping. Add rel="noopener" to all target="_blank" links.
About SEO ProCheck
Technical SEO consulting and GEO strategy with 20 years of enterprise experience. Case studies, resources, and tools for search and AI visibility.
Work With Me
Technical SEO audits, GEO strategy, site migrations, and international SEO. Hourly consulting for teams who need hands-on support, not just reports.
Subscribe to our newsletter!
Recent Posts
- No Social Schema December 7, 2025
- Missing Social Profile Links December 7, 2025
- Social Image Wrong Size December 7, 2025