mirror of
https://github.com/cypht-org/cypht.git
synced 2026-04-25 04:56:03 +03:00
[GH-ISSUE #317] 🚀 Open Links in EMails in a new window #274
Labels
No labels
2fa
I18N
PGP
Security
Security
account
advanced_search
advanced_search
announcement
api_login
authentication
awaiting feedback
blocker
bug
bug
bug
calendar
config
contacts
core
core
devops
docker
docs
duplicate
dynamic_login
enhancement
epic
feature
feeds
framework
github
github
gmail_contacts
good first issue
help wanted
history
history
imap
imap_folders
inline_message
installation
keyboard_shortcuts
keyboard_shortcuts
ldap_contacts
mobile
need-ssh-access
new module set
nux
pop3
profiles
pull-request
question
refactor
release
research
saved_searches
smtp
strategic
tags
tests
themes
website
wordpress
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/cypht#274
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @ulfgebhardt on GitHub (Feb 9, 2019).
Original GitHub issue: https://github.com/cypht-org/cypht/issues/317
🚀 Feature
Open Links in EMails in a new window
It would be nice if there were an option to open every link in an email in a new window by default.
Currently the links are opened in the same tab as cypht - which is no real problem, but if you forget to press ctrl now and lose your open Email client.
If I missed such an option please show me how to activate it.
Since i mostly view text messages it should be quite easy to add a
target="_blank"- for html emails it might be more complex?! - especially when not every link is one which points outside the email, but a jumpmarker#mymarker.Design, Layout, Architecture
@jasonmunro commented on GitHub (Feb 10, 2019):
We actually used to do this for both text and html E-mail links, however I disabled it because of this:
https://www.owasp.org/index.php/Reverse_Tabnabbing
I know we can use noopener but I was concerned about browser support so I removed all target attributes.
@ulfgebhardt commented on GitHub (Feb 10, 2019):
ok I get that - your choice to close this issue - i will live with the ctrl+click ;-)
@jasonmunro commented on GitHub (Feb 10, 2019):
I feel we really should err on the side of caution here so I'm closing :)
@StevenMassaro commented on GitHub (Dec 20, 2023):
@jasonmunro Would you consider reopening this? According to your link:
@marclaporte commented on GitHub (Dec 20, 2023):
@Yannick243 Please investigate and advise.
@Yannick243 commented on GitHub (Jan 3, 2024):
After researching the potential Reverse_Tabnabbing vulnerability that could result from that, I noticed that support for
rel='noopener'is now implicitly enabled in the majority of modern browsers (since at least 2020) for links usingtarget='_blank'as indicated here https://caniuse.com/mdn-html_elements_a_implicit_noopener except InternetExplorer.Consequently, this vulnerability is no longer as critical as before. I would suggest reintroducing
target='_blank' rel='noopener'for external links. If this approach is acceptable, I can submit a pull request.@marclaporte commented on GitHub (Jan 3, 2024):
@josaphatim @kroky @jasonmunro
@kroky commented on GitHub (Jan 4, 2024):
I agree, target blank in conjunction with rel=noopener have pretty good support for quite some years in most browsers and it feels more natural to open email links in new tabs/windows.