diff --git a/lib/rules/jsx-no-target-blank.js b/lib/rules/jsx-no-target-blank.js
index d3c60157e9..b95fe44e51 100644
--- a/lib/rules/jsx-no-target-blank.js
+++ b/lib/rules/jsx-no-target-blank.js
@@ -41,7 +41,7 @@ module.exports = {
               continue;
             }
             if (attr.name.name === 'href') {
-              if (attr.value.type === 'Literal' && !/^\w+:/.test(attr.value.value)) {
+              if (attr.value.type === 'Literal' && !/^(?:\w+:|\/\/)/.test(attr.value.value)) {
                 // it's safe because it is not an external link (i.e. doesn't start with a protocol)
                 return;
               }
diff --git a/tests/lib/rules/jsx-no-target-blank.js b/tests/lib/rules/jsx-no-target-blank.js
index 3ff7ed4127..d20084ba20 100644
--- a/tests/lib/rules/jsx-no-target-blank.js
+++ b/tests/lib/rules/jsx-no-target-blank.js
@@ -62,6 +62,12 @@ ruleTester.run('jsx-no-target-blank', rule, {
     errors: [{
       message: 'Using target="_blank" without rel="noopener noreferrer" is a security risk:' +
       ' see https://mathiasbynens.github.io/rel-noopener'
-    }]}
-  ]
+    }]
+  }, {
+    code: '<a target="_blank" href="//example.com"></a>',
+    errors: [{
+      message: 'Using target="_blank" without rel="noopener noreferrer" is a security risk:' +
+      ' see https://mathiasbynens.github.io/rel-noopener'
+    }]
+  }]
 });