MENU

Solution within CMSMS for the target="_blank" vulnerability

  Previous article Next article  

You probably have read Alex Jumašev's article: Target="_blank" - the most underestimated vulnerability ever. If not, you should!
Opening a bad link at your site using target="_blank" can give the target website partial access to the browser tab your website is in. It can redirect to a fake page asking to i.e. re-enter your Paypal or Facebook password. This problem is a general HTML issue, not a problem within CMSMS™!

Secure:
<a href="http://www.otherwebsite.com">Other website</a>
Insecure:
<a href="http://www.otherwebsite.com" target="_blank">Other website</a>

There are few methods to prevent this vulnerability using CMS Made Simple™.

  How to use

1. Don't use target="_blank" in your links

Do I need to explain this more...

<a href="http://www.otherwebsite.com">Other website</a>

2. Add rel="noopener noreferrer" to the links

<a href="http://www.otherwebsite.com" rel="noopener noreferrer" target="_blank">Other website</a>

Advertisement



Ads help me to help you! Thanks!

Ads help me to help you! Thanks!


3. Use a postfilter in CMSMS

In a large website it can be hard to change all links in the content...
This postfilter will automaticly add the rel="noopener noreferrer" tag to all links using target="_blank".

Create a file named postfilter.noopener.php and store it in the CMSMS [root_url]/assets/plugins/ folder.
The content of the file is:

<?php
/**
 * -------------------------------------------------------------------------------------------
 * File:     postfilter.noopener.php
 * Type:     postfilter
 * Purpose:  Adding rel="noopener noreferrer" to external links using target blank
 * https://www.cmscanbesimple.org/blog/solution-within-cmsms-for-the-target-blank-vulnerability
 * -------------------------------------------------------------------------------------------
 */

function smarty_postfilter_noopener($tpl_output, $smarty)
{
  $result = explode(':', $smarty->_current_file);

  if (count($result) > 0)
  {
    $patterns = array('/target\s*=\s*["\']_blank["\']/');
    $replace = 'target="_blank" rel="noopener noreferrer"';
    $tpl_output = preg_replace( $patterns, $replace, $tpl_output );
  }

  return $tpl_output;      
}
?>

Important note: This method isn't flawless but better than nothing.

Let me know if it works at your website and if I need to make some changes.



  Comment Form

Click here to open the form


  2 Comments

CMS Made Simple - Tutorials, tips and tricks - CMSMS

Solution within CMSMS for the target="_blank" vulnerability

  Article optimized for CMSMS 2.x

  Author:
  Last tested in: CMSMS 2.2.3.1
  Last updated: 23-06-2018
  Comments: 2
  http://cms.ms/FVaM

Advertisement



Ads help me to help you! Thanks!

Ads help me to help you! Thanks!

Ads help me to help you! Thanks!