New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add rel="noopener nofollow" for links to sponsor websites #2688

Merged
merged 3 commits into from Dec 3, 2018

Conversation

Projects
None yet
3 participants
@joealcorn
Contributor

joealcorn commented Dec 3, 2018

Hello 馃憢

When linking to external sites with target='_blank', it's important to add rel='noopener' as a security measure. Otherwise the external site is able to navigate the original browser tab in the background, for example to a phishing site.

More info here: https://mathiasbynens.github.io/rel-noopener/

You've also got a bit of a spam problem at the moment - there are lots of $2 donations that seem to exist solely to build backlinks for spammy gambling websites.
That seems to have been mostly taken care of in #2681. However, I've also added rel='nofollow', which should let search engines know it's an untrusted link and hopefully protect your own search ranking. Hopefully that takes away some of the incentive to spam. I wrote about the spam a bit here: https://joealcorn.co.uk/blog/2018/donations-as-a-vector-for-spam

@montogeek montogeek merged commit 38e6e57 into webpack:master Dec 3, 2018

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
licence/cla Contributor License Agreement is signed.
Details
@montogeek

This comment has been minimized.

Member

montogeek commented Dec 3, 2018

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment