Solution within CMSMS for the target="_blank" vulnerability
You probably have read Alex Jumašev's article: Target="_blank" - the most underestimated vulnerability ever. If not, you should!
Opening a bad link on your site using target="_blank" can give the target website partial access to the browser tab your website is in. It can redirect to a fake page asking you to, e.g., re-enter your PayPal or Facebook password. This problem is a general HTML issue, not a problem within CMSMS™!
There are a few methods to prevent this vulnerability using CMS Made Simple™.
How to use
1. Don't use target="_blank" in your links
Do I need to explain this more...
2. Add rel="noopener noreferrer" to the links
3. Use a postfilter in CMSMS
On a large website it can be hard to change all links in the content...
This postfilter will automatically add the rel="noopener noreferrer" attribute to all links using target="_blank".
Create a file named postfilter.noopener.php and store it in the CMSMS [root_url]/assets/plugins/ folder.
The content of the file is:
<?php
/**
 * -------------------------------------------------------------------------------------------
 * File: postfilter.noopener.php
 * Type: postfilter
 * Purpose: Adding rel="noopener noreferrer" to external links using target blank
 * https://www.cmscanbesimple.org/blog/solution-within-cmsms-for-the-target-blank-vulnerability
 * -------------------------------------------------------------------------------------------
 */
function smarty_postfilter_noopener($tpl_output, $smarty)
{
    // Match target="_blank" or target='_blank', with optional whitespace around the '='
    $patterns = array('/target\s*=\s*["\']_blank["\']/');
    // Re-emit the attribute followed by the rel tokens that sever window.opener
    $replace = 'target="_blank" rel="noopener noreferrer"';
    $tpl_output = preg_replace($patterns, $replace, $tpl_output);
    return $tpl_output;
}
Important note: This method isn't flawless but better than nothing.
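The regex above re-emits a second rel attribute when a link already has one (for example rel="nofollow"). As an added example, not part of the original postfilter, here is a stricter variant that only touches <a> tags, merges with an existing rel attribute and does not repeat tokens that are already there; the function name add_noopener_to_blank_links() and the sample HTML are constructed for this illustration.

```php
<?php
/**
 * Added example: harden target="_blank" links in rendered HTML.
 * Function name is hypothetical; call it from a Smarty postfilter
 * with the template output, or run this file directly to see the demo.
 */
function add_noopener_to_blank_links(string $html): string
{
    // Visit each opening <a ...> tag; $m[1] holds its raw attribute string.
    return preg_replace_callback('/<a\b([^>]*)>/i', function (array $m): string {
        $attrs = $m[1];

        // Only links that open a new browsing context need the fix.
        // The lookbehind avoids matching e.g. data-target="_blank".
        if (!preg_match('/(?<![\w-])target\s*=\s*["\']?_blank["\']?/i', $attrs)) {
            return $m[0];
        }

        $wanted = ['noopener', 'noreferrer'];

        // Existing rel attribute: merge tokens instead of adding a duplicate attribute.
        if (preg_match('/(?<![\w-])rel\s*=\s*(["\'])(.*?)\1/i', $attrs, $rel)) {
            $tokens = preg_split('/\s+/', trim($rel[2]), -1, PREG_SPLIT_NO_EMPTY);
            $lower  = array_map('strtolower', $tokens);
            foreach ($wanted as $t) {
                if (!in_array($t, $lower, true)) {
                    $tokens[] = $t;
                }
            }
            $attrs = str_replace($rel[0], 'rel="' . implode(' ', $tokens) . '"', $attrs);
            return '<a' . $attrs . '>';
        }

        // No rel attribute yet: append one.
        return '<a' . rtrim($attrs) . ' rel="noopener noreferrer">';
    }, $html);
}

// Constructed sample input covering: plain _blank, _BLANK with an existing rel, no target.
$sample = '<a href="https://example.com" target="_blank">x</a> '
        . '<a target="_BLANK" rel="nofollow" href="/y">y</a> '
        . '<a href="/z">z</a>';
echo add_noopener_to_blank_links($sample), PHP_EOL;
```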
Let me know if it works at your website and if I need to make some changes.
ReviewManager
2 Comments
Fixed: "PHP Warning: Parameter 2 to smarty_postfilter_noopener() expected to be a reference, value given in /home/.../public_html/www.website.com/lib/smarty/sysplugins/smarty_internal_runtime_filterhandler.php on line 57"
The plugins folder has been moved in the 2.x version of CMSMS.
I don't know if this works if you move it to the "assets/plugins" folder.