Window.opener clarification of cross-origin behavior #23204
Labels
area: DOM/CSSOM
Content:WebAPI
Web API docs
help wanted
If you know something about this topic, we would love your help!
MDN URL
https://developer.mozilla.org/en-US/docs/Web/API/Window/opener
What specific section or headline is this issue about?
Value
What information was incorrect, unhelpful, or incomplete?
If the opener is not on the same origin as the current page, functionality of the opener object is limited. For example, variables and functions on the window object are not accessible. However, navigation of the opener window is possible, which means that the opened page can open a URL in the original tab or window. In some cases, this makes phishing attacks possible, where a trusted page that is opened in the original window is replaced by a phishing page by the newly opened page.
What did you expect to see?
A table of available fields for cross-origin use.
Do you have any supporting links, references, or citations?
No response
Do you have anything more you want to share?
No response
MDN metadata
Page report details
en-us/web/api/window/opener
The text was updated successfully, but these errors were encountered: