Skip to content

Fix(Security): Prevent Reverse Tabnabbing vulnerability on external article links #455

Description

@Abhi666-max

The Problem

Currently, the external article links in frontend/src/pages/OpenSource/OSSBlog.jsx are using target="_blank" without the accompanying rel="noopener noreferrer" attributes.

This creates a known security vulnerability called Reverse Tabnabbing. When an external link is opened without these attributes, the newly opened tab can gain partial access to the original tab's window.opener object. This can potentially lead to cross-origin hijacking, phishing attacks, or performance degradation.

Proposed Solution

I will fix this by strictly implementing security best practices (adding rel="noopener noreferrer") to all external anchor (<a>) tags within the OSSBlog.jsx component. This ensures proper cross-origin isolation and protects the application.

Assignment

I am a GSSoC '26 contributor. Could you please assign this security fix to me and add the relevant labels (gssoc, gssoc-approved, security)? I am ready to raise the PR immediately.

Metadata

Metadata

Assignees

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions