Skip to content
Chrome extension to stop yourself from falling victim to phishing attacks
JavaScript
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
images
js Remove jQuery and use native JS Jun 7, 2019
LICENSE Create LICENSE Dec 11, 2017
README.md Adding medium post to readme Aug 29, 2016
manifest.json Remove jQuery and use native JS Jun 7, 2019

README.md

No Opener, No Phishers

Chrome extension to reduce the risk of falling victim to phishing attacks. Read my blog post about this for more info: Browsers are broken, but nobody cares. All it took was 1 line of code to fix it..

Overview

Any website that uses target="_blank" on their links, allows user generated content and doesn't use the rel="noopener" attribute on their links (I'm looking at you Facebook, Twitter etc.) is vulnerable to a scarily simple phishing attack.

I've made an example of how this type of phising attack could take place so people can realise how dangerous it can be, which is also on Github.

This Chrome extension is as simple as it gets, all it does is add "noopener noreferrer" to the rel attribute on all links on the pages that you're visiting. It's literally one line of code.

$('[target="_blank"]').attr("rel", "noopener noreferrer");

Installation

Download from the Chrome Store

You can’t perform that action at this time.