| commit | a8a460cbc25a2474b48b844756503d749c584738 | [log] [tgz] |
|---|---|---|
| author | Eric Lawrence <[email protected]> | Fri Nov 06 21:10:42 2020 |
| committer | Commit Bot <[email protected]> | Fri Nov 06 21:10:42 2020 |
| tree | 825fd6049e4ed3de70a1f831430f9a33f8cb6951 | |
| parent | d5135efd7697096d1450f19f67cc4424df255807 [diff] [blame] |
Anchor target=_blank implies rel=noopener To mitigate "tab-napping" attacks, in which a new tab/window opened by a victim context may navigate that opener context, the HTML standard changed to specify that anchors that target _blank should behave as if |rel="noopener"| is set. A page wishing to opt out of this behavior may set |rel="opener"|. Bug: 898942 Change-Id: Id34bbc480e96cb2cc8e922388a9a5bc4161b03b1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1630010 Reviewed-by: Julian Pastarmov <[email protected]> Reviewed-by: John Abd-El-Malek <[email protected]> Reviewed-by: Marijn Kruisselbrink <[email protected]> Reviewed-by: Mike West <[email protected]> Reviewed-by: Arthur Sonzogni <[email protected]> Commit-Queue: Eric Lawrence [MSFT] <[email protected]> Cr-Commit-Position: refs/heads/master@{#825022}
diff --git a/chrome/browser/prefs/browser_prefs.cc b/chrome/browser/prefs/browser_prefs.cc index 43fe63e..b1817554 100644 --- a/chrome/browser/prefs/browser_prefs.cc +++ b/chrome/browser/prefs/browser_prefs.cc
@@ -604,6 +604,8 @@ policy::policy_prefs::kIntensiveWakeUpThrottlingEnabled, false); registry->RegisterBooleanPref( policy::policy_prefs::kUserAgentClientHintsEnabled, true); + registry->RegisterBooleanPref( + policy::policy_prefs::kTargetBlankImpliesNoOpener, true); #if defined(OS_ANDROID) registry->RegisterBooleanPref(policy::policy_prefs::kBackForwardCacheEnabled, true);