From 06ba4841863cc8d082e00a64c38f0c5c1d816e82 Mon Sep 17 00:00:00 2001
From: Keith Hill
Date: Mon, 12 Mar 2018 15:28:07 +0000
Subject: [PATCH] Add rel="noopener noreferrer" to target="_blank"

rel="noopener noreferrer" should be added to links containing target="_blank" as a precaution against reverse tabnabbing. For more information, please refer to the following article: https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/
---
 fruitlinkit/models/FruitLinkIt_LinkModel.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fruitlinkit/models/FruitLinkIt_LinkModel.php b/fruitlinkit/models/FruitLinkIt_LinkModel.php
index 2e49b72..d58878b 100644
--- a/fruitlinkit/models/FruitLinkIt_LinkModel.php
+++ b/fruitlinkit/models/FruitLinkIt_LinkModel.php
@@ -56,6 +56,10 @@ public function getHtmlLink($attributes = false)
 if( ( !is_array($attributes) || !array_key_exists('title', $attributes) ) && $this->target ) {
 $htmlLink .= ' target="'.$this->target.'"';
+
+ if ($this->target == '_blank') {
+ $htmlLink .= ' rel="noopener"';
+ }
 }
 // Add Attributes
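Review bot: The added line emits only `rel="noopener"`, while the commit message says `rel="noopener noreferrer"` is being added; older browsers without `noopener` support drop `window.opener` only when `noreferrer` is present, so the line should read `$htmlLink .= ' rel="noopener noreferrer"';`. The check also sits inside a branch that is skipped whenever `$attributes` carries a `title` key (the guard looks like it was meant to test `target`), and a `target="_blank"` passed in through `$attributes` would presumably be rendered without any `rel`; the attribute handling is outside this hunk, so that needs confirming there. Prefer a strict comparison, `if ($this->target === '_blank') {`. getHtmlLink's body starts and ends outside the hunk.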