Skip to main content Accessibility Feedback

Security and performance issues with target="_blank" on links

My friend Kieran Barker wrote a great article on using target="_blank" on links, and why it’s bad and you shouldn’t do it.

Chris Coyier did a great job documenting why you generally shouldn’t use target="_blank" a couple of years ago, but Kieran writes about a security issue I didn’t know about.

If a user clicks on one of your links which has target="_blank" set, the new page will have access to your page’s window object via the window.opener property. Does that sound like a bad thing? Because it is. The other page could redirect yours to a malicious URL.

Go read the whole article on Kieran’s site to learn more.