Skip to content
/ blank-protector Public

Chrome extension that sets window.opener on every page to null to avoid phishing attacks based on target _blank vulnerability

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

KbaHaxor/blank-protector

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
blank-protector.js
blank-protector.js
 
 
icon128.png
icon128.png
 
 
icon16.png
icon16.png
 
 
icon48.png
icon48.png
 
 
manifest.json
manifest.json
 
 

Repository files navigation

When we click on link with target="_blank", a new page in a new tab can change our previous page on the previous tab. To avoid this effect, we can use rel="noopener" but too many websites not using this ability yet. And we can't affect them. This is a very simple Google Chrome extension that does only one thing: sets window.opener on every page to null before page loading is started. Despite the fact that websites use rel="noopener" or not (by the way Google search doesn't use it) we can keep calm - without window.opener this attack can't affect us.

Intallation instructions

  • Clone this repository or download zip version and unpack it
  • Go to chrome://extensions/
  • Enable "Developer mode"
  • Click "Load unpacked extension" and load it from the directory where you clone this repository

About

Chrome extension that sets window.opener on every page to null to avoid phishing attacks based on target _blank vulnerability

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages