Skip to content

Latest commit

 

History

History
27 lines (19 loc) · 886 Bytes

jsx-no-target-blank.md

File metadata and controls

27 lines (19 loc) · 886 Bytes

Prevent usage of unsafe target='_blank' (jsx-no-target-blank)

When creating a JSX element that has an a tag, it is often desired to have the link open in a new tab using the target='_blank' attribute. Using this attribute unaccompanied by rel='noreferrer noopener', however, is a severe security vulnerability (see here for more details) This rules requires that you accompany all target='_blank' attributes with rel='noreferrer noopener'.

Rule Details

The following patterns are considered errors:

var Hello = <a target='_blank'></a>

The following patterns are not considered erros:

var Hello = <p target='_blank'></p>
var Hello = <a target='_blank' rel='noopener noreferrer'></a>
var Hello = <a></a>

When Not To Use It

If you do not have any external links, you can disable this rule