Widget image security problem no rel=”noopener” tag

By mike31, 6 years ago. Last reply by mike31, 6 years ago.

Hi,

I use last version of Siteorigin and Widget Siteorigin Image too.
I find a security problem in your widget image because and we check ‘Open in new window’, the generated HTML has target=’_blank’ but not rel=”noopener” which fix a security vulnability.
Could you fix this issue in your widget image

Thank you

Michael

This is our free support forum. Replies can take several days. If you need fast email support, please purchase a SiteOrigin Premium license.

6 years, 11 months ago mike31
Hi,
Just to complete ma request and help you to add the fix in a future update.
It’s very simple to fix it
I have
```
$link_atts['rel'] = 'noopener';
```
in line 159 in so-widgets-bundle/widgets/imageimage.php
```
$link_atts = array();
	if ( ! empty( $instance['new_window'] ) ) {
		$link_atts['target'] = '_blank';
		<strong>$link_atts['rel'] = 'noopener';</strong>
	}
```
6 years, 11 months ago Alex S
Hi, I Work Here

Hi Mike,
Thank you for reporting this issue. This (and any other usage of _blank) will be fixed in the next update.
6 years, 11 months ago mike31
Hi Alex,
Thank you very much, I wait this next update.
Regards,

Replies on this thread are closed. Please create a new thread if you have a question, or purchase a SiteOrigin Premium license if you need one-on-one email support.

Page Builder

Widgets Bundle

SiteOrigin CSS

SiteOrigin Installer

WordPress Themes

Site Packs

Support Forum

SiteOrigin Blog

Widget image security problem no rel=”noopener” tag

Get The Most Out of SiteOrigin with SiteOrigin Premium