New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Link Support: target and rel attributes #413
Comments
Rather than putting too much logic into the component, we could just provide new props ( |
Definitely! Slim and trim! |
I'll work on a PR for adding the two new props. |
Gracias, señor! |
I agree with troy. But only about |
Hmmm... so create a computed prop |
From https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/
So should it default to both if What about cases where a user is linking to their own website (i.e. same domain) and wants Maybe if |
I can see defaulting |
Not to complicate things, but you can put any string in |
I would say the rel has a default value of |
@alexsasharegan true, any target that is not preceded by an |
take a look at PR #418 and see what you think |
So, I was getting myself confused about opening in a new window or in the same window. Really, you would only want to add the rel attribute if the link is not same domain. That's hard to do without adding too much code. Took a look at you addition. Looks good, but I think the noopener should be on any non-null target. Thoughts? |
But what if the user does want window to window communication for their own domain? |
That's why I think it might be more advantageous to default to noopener. Then check that target is not null, and just return the rel. Then they can specify null if they need communication. |
What about if target is not |
Maybe we should try to keep this on the PR. I'm getting dizzy! |
PR #418 Merged |
When working with some of the special components that take
to
orhref
attributes (basically components using the link mixin), there isn't support for passing down thetarget
andrel
attributes.I would love it if the default prop value for
rel
wasrel="noopener noreferrer"
to add a security-boosting default per this article: https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/. Maybe that could be triggered with a computed property so it only kicks in if a target other than_self
is specified.The text was updated successfully, but these errors were encountered: