You need to be logged in to post in the forum - Log In

An active JCE Pro Subscription is required to post in the forum - Buy a Subscription

Support is currently Offline

Official support hours:
Monday To Friday
From 09:00 To 17:00 Europe/London (BST)

Please post your question in the Forum and we will get back to you as soon as we can.

  Thursday, 23 March 2017
  7 Replies
  7.3K Visits
I understand why the rel="noopener noreferrer" was added to the editor but is there a way we can still open in a new window and not use this? This is messing with our CDN files. The site we are using is an Internet and only a few people can add/edit the site. We have always opened our PDFs in a new window as it helps the employees. Now we cannot. Our CDN is looking for the referrer to pull the file and with this we do not have it.

Can this be easily removed? Or is there a way that I can remove the rel="noopener noreferrer"? If so will it have to be removed with each update? Or is there another workaround without having to manually edit the article HTML?

Thank you,

-M
more than a month ago
·
#90906
In the Editor Global Configuration, add:


allow_unsafe_link_target:true


to the Custom Configuration Variables field.

https://cdn.joomlacontenteditor.net/tmp/90904-removing-rel-noopener-noreferrer.jpg

Just because you're not paranoid doesn't mean everybody isn't out to get you.

more than a month ago
·
#90926
Hi Ryan,

I noticed today that JCE is added the attributes to my links: rel="noopener noreferrer"

What is that attribute for and why is it inserted by default? If it's useful, maybe I'll leave it. If not, then I'll add the editor global config you mention above.

Thanks.
more than a month ago
·
#90927
I noticed today that JCE is added the attributes to my links: rel="noopener noreferrer"


This is added to links when the target is set to "_blank". See - https://dev.to/ben/the-targetblank-vulnerability-by-example and https://mathiasbynens.github.io/rel-noopener/

Just because you're not paranoid doesn't mean everybody isn't out to get you.

more than a month ago
·
#91011
Ryan,

I have been trying to remove them because I figured it was a bug. :-)

Is this going to appear anytime we create a link in a new window?

I will stop trying to remove them now. :-)

Thanks, Sean Carney

Sean Carney - Webmaster, CTO, CFO, Practice Administrator, Chef and Dishwasher.
AllMedPhysicians, pLLC

more than a month ago
·
#91012
Is this going to appear anytime we create a link in a new window?


Yes, it is added when a link has a target of "_blank" (Open in new window)

Just because you're not paranoid doesn't mean everybody isn't out to get you.

more than a month ago
·
#91018
Hi all together,

ok I understand it, but what happens to all existing links with target="_blank"?

I think it is a good way to change them too.
While this is done not by JCE, I will use RegularLabs DB-Replacer.

But it should be nice to build an Info in the change-log, that

1. this is new code to avoid phishing
2. the change of existing links must be done by the user/webmaster.
3. also the allow_unsafe_link_target:true parameter should be documented.

regards ... HGH

more than a month ago
·
#91027
Thank you for taking good care of us.

Sean Carney - Webmaster, CTO, CFO, Practice Administrator, Chef and Dishwasher.
AllMedPhysicians, pLLC

  • Page :
  • 1
There are no replies made for this post yet.
Be one of the first to reply to this post!