Automatic "noopener noreferrer"?
See original GitHub issueWhile it’s a smart rule to have, one of our small annoyances has been the jsx-no-target-blank
rule. I work on a large project that makes use of target="_blank"
fairly often, and requiring rel="noopener noreferrer
all over the place adds noise that I’m not sure is necessary for a dev to care about.
We created a custom component <A/>
with the logic to add the attribute values whenever target="_blank"
. This works great, but it adds a little bit of overhead, and since eslint no longer sees it as an anchor tag, we don’t get other possible warnings targeted at anchor tags.
So that’s the background, here’s the ask:
Would CRA be welcome to the idea of making this security fix automatic via babel plugin (found babel-plugin-jsx-target-blank) instead of warning the user by eslint?
I’m not sure of the implications of this (i.e. does anyone have valid use-cases for ignoring this rule? would it break their apps?), so I wanted to open it up for discussion before creating a PR.
Issue Analytics
- State:
- Created 5 years ago
- Reactions:3
- Comments:5 (1 by maintainers)
Top GitHub Comments
This is actually a pretty good idea.
I have only two questions/concerns:
"noopener noreferrer"
?This issue has been automatically closed because it has not had any recent activity. If you have a question or comment, please open a new issue.