Solution within CMSMS for the target="_blank" vulnerability


  Article optimized for CMSMS 2.x

  Author:
  Last tested in: CMSMS 2.1.3
  Last updated: 30-05-2016
  Comments: 1

You have probably read Alex Jumašev's article: Target="_blank" - the most underestimated vulnerability ever. If not, you should!
A link on your site that uses target="_blank" hands the opened page a reference to the tab it came from: window.opener. The opened page cannot read your page, but it can navigate it by assigning a new URL to window.opener.location, so a malicious link target can silently replace your site in the original tab with a look-alike page asking the visitor to, for example, re-enter their PayPal or Facebook password (so-called reverse tabnabbing). This is a general browser behaviour, not a problem within CMSMS™!

Secure:
<a href="http://www.otherwebsite.com">Other website</a>
Insecure:
<a href="http://www.otherwebsite.com" target="_blank">Other website</a>

There are a few ways to prevent this vulnerability in CMS Made Simple™.

  How to use

1. Don't use target="_blank" in your links

Do I need to explain this more...

<a href="http://www.otherwebsite.com">Other website</a>

2. Add rel="noopener noreferrer" to the links

<a href="http://www.otherwebsite.com" rel="noopener noreferrer" target="_blank">Other website</a>

rel="noopener" is what actually closes the hole: the new tab gets window.opener set to null. rel="noreferrer" is included as a fallback for older browsers that do not understand noopener; as a side effect it also suppresses the Referer header, so the other site cannot see which page linked to it.


3. Use a postfilter in CMSMS

On a large website it can be hard to change every link in the content by hand.
This postfilter automatically adds the rel="noopener noreferrer" attribute to every link that uses target="_blank".

Create a file named postfilter.noopener.php and store it in the CMSMS [root_url]/plugins/ folder.
The content of the file is:

<?php
/**
 * -------------------------------------------------------------------------------------------
 * File:     postfilter.noopener.php
 * Type:     postfilter
 * Purpose:  Adding rel="noopener noreferrer" to external links using target blank
 * http://www.cmscanbesimple.org/blog/solution-within-cmsms-for-the-target-blank-vulnerability
 * -------------------------------------------------------------------------------------------
 */

// Smarty calls a postfilter with the compiled template code as the first argument
// and the Smarty/template object as the second; the second is not needed here.
function smarty_postfilter_noopener($tpl_output, &$smarty)
{
  // Match target="_blank" or target='_blank', allowing whitespace around the '='.
  $patterns = array('/target\s*=\s*["\']_blank["\']/');
  // Normalise the quoting and append the rel attribute directly after it.
  $replace = 'target="_blank" rel="noopener noreferrer"';
  $tpl_output = preg_replace($patterns, $replace, $tpl_output);

  return $tpl_output;
}

Important note: this method is not flawless, but it is better than nothing. Known limitations: a link that already has a rel attribute (for example rel="nofollow") ends up with two rel attributes, and since browsers ignore a duplicate attribute either the noopener or the original rel value is silently lost; the regular expression matches target="_blank" anywhere in the compiled template, including a <form> tag or a literal text sample; and a Smarty postfilter runs over the compiled template code, so it only rewrites markup that Smarty compiles. After installing it, view the generated source of a few pages and confirm that no target="_blank" link is left without rel="noopener".
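The duplicate-rel problem can be avoided by rewriting whole <a ...> tags instead of the bare target attribute. The following variant is an added example for this article, not the plugin above and not CMSMS code; the file name postfilter.noopener_merge.php, the function names and the second parameter name ($template, which Smarty 3 passes by value and which is not used) are assumptions. It only touches anchor start tags, merges noopener and noreferrer into an existing rel attribute, and adds a new rel attribute otherwise.

```php
<?php
/**
 * File:     postfilter.noopener_merge.php   (hypothetical name, added example)
 * Type:     postfilter
 * Purpose:  Add rel="noopener noreferrer" to every <a ... target="_blank"> tag,
 *           merging with an existing rel attribute instead of duplicating it.
 */

function smarty_postfilter_noopener_merge($tpl_output, $template)
{
    // Only rewrite anchor start tags; <form target="_blank"> and text samples are left alone.
    return preg_replace_callback('/<a\b[^>]*>/i', 'noopener_merge_fix_anchor', $tpl_output);
}

function noopener_merge_fix_anchor(array $m)
{
    $tag = $m[0];

    // Nothing to do unless the link opens a new browsing context (quoted or unquoted _blank).
    if (!preg_match('/\btarget\s*=\s*["\']?_blank["\']?(?=[\s\/>])/i', $tag)) {
        return $tag;
    }

    // Collect the tokens of an existing rel attribute, if there is one.
    $tokens = array();
    $hasRel = preg_match('/\brel\s*=\s*(["\'])(.*?)\1/i', $tag, $rel, PREG_OFFSET_CAPTURE) === 1;
    if ($hasRel) {
        $tokens = preg_split('/\s+/', trim($rel[2][0]), -1, PREG_SPLIT_NO_EMPTY);
    }

    // Append the tokens that are missing; rel tokens are case-insensitive in the browser.
    $lower = array_map('strtolower', $tokens);
    foreach (array('noopener', 'noreferrer') as $needed) {
        if (!in_array($needed, $lower, true)) {
            $tokens[] = $needed;
            $lower[]  = $needed;
        }
    }
    $newRel = 'rel="' . str_replace('"', '&quot;', implode(' ', $tokens)) . '"';

    if ($hasRel) {
        // Replace the old rel attribute in place, so the tag keeps exactly one rel.
        $start = $rel[0][1];
        $len   = strlen($rel[0][0]);
        return substr($tag, 0, $start) . $newRel . substr($tag, $start + $len);
    }

    // No rel yet: insert one just before the closing '>' (or ' />').
    $body  = rtrim(substr($tag, 0, -1));
    $close = '>';
    if (substr($body, -1) === '/') {
        $body  = rtrim(substr($body, 0, -1));
        $close = ' />';
    }
    return $body . ' ' . $newRel . $close;
}
```

With this filter <a href="..." target="_blank" rel="nofollow"> becomes <a href="..." target="_blank" rel="nofollow noopener noreferrer">, and a link without rel gets rel="noopener noreferrer" appended before the closing bracket. It still has the postfilter limitation noted above (it only sees markup that Smarty compiles), and because the tag pattern stops at the first '>', an attribute value containing a literal '>' ends the match early; check the generated source of a few pages after enabling it.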

Let me know if it works at your website and if I need to make some changes.
