Typescript Reverse Tabnabbing Missing Rel
Description
Detects reverse tabnabbing in Next.js applications: links that open in a new window or tab (target="_blank") without a rel attribute that severs the opener relationship. When such a link is followed, the newly opened page receives a window.opener reference to the original tab. Assigning to window.opener.location is permitted even across origins, so the opened page can navigate the original tab, typically to a look-alike login page, while the user's attention is on the new tab. Because the user still believes the original tab is the trusted site, this is an effective phishing vector. rel="noopener" makes window.opener null in the opened page; rel="noreferrer" implies noopener and additionally suppresses the Referer header. Recent versions of all major browsers apply noopener to target="_blank" by default, but an explicit rel attribute keeps the protection independent of browser behaviour and is what this check expects. Links opened programmatically with window.open(url, '_blank') are not covered by this check and need the 'noopener' window feature for the same reason.
Detection Strategy
• Identifies HTML anchor elements (<a>) and Next.js Link components that use target="_blank" to open the destination in a new window or tab
• Checks whether the rel attribute is absent or lacks a token that severs the opener relationship; rel="noopener noreferrer" is the recommended value, and either token on its own satisfies the check
• Covers both the Link component from next/link and standard HTML anchor elements, since Link forwards target and rel to the rendered anchor
• Reports one vulnerability for each link that opens a new window without those attributes
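As an added illustration of the strategy above (this is not Fluid Attacks' scanner), the following TypeScript function applies the same rules to JSX source text with a regular-expression pass over opening tags. The function names, the Finding type and the sample component are assumptions constructed for this example.

```typescript
// Added example: a minimal reverse-tabnabbing detector for JSX source text.
// It is not Fluid Attacks' scanner; the function names, the Finding type and
// the sample source below are assumptions made for this illustration.

export interface Finding {
  line: number;          // 1-based line of the opening tag
  tag: "a" | "Link";     // element kind, as in the detection strategy
  rel: string | null;    // rel value found, or null when the attribute is absent
}

// Opening <a ...> or <Link ...> tag. Attribute lists may span lines; the match
// stops at the first ">", which is sufficient for static attribute values.
const OPEN_TAG = /<(a|Link)\b([^>]*)>/g;

// Return the value of one attribute inside an attribute list. Supports
// name="v", name='v', name={"v"} and name={'v'}; a non-literal expression
// (name={expr}) is returned as its raw text so the caller can treat it as unknown.
function attributeValue(attrs: string, name: string): string | null {
  const re = new RegExp(
    `(?:^|\\s)${name}\\s*=\\s*(?:"([^"]*)"|'([^']*)'|\\{\\s*(?:"([^"]*)"|'([^']*)'|([^}]*?))\\s*\\})`,
  );
  const m = re.exec(attrs);
  if (m === null) return null;
  return m[1] ?? m[2] ?? m[3] ?? m[4] ?? m[5] ?? "";
}

// Either token severs the opener relationship: noreferrer implies noopener.
export function hasOpenerProtection(rel: string | null): boolean {
  if (rel === null) return false;
  const tokens = rel.trim().toLowerCase().split(/\s+/);
  return tokens.indexOf("noopener") !== -1 || tokens.indexOf("noreferrer") !== -1;
}

export function findReverseTabnabbing(source: string): Finding[] {
  const findings: Finding[] = [];
  const re = new RegExp(OPEN_TAG.source, "g");
  let m: RegExpExecArray | null;
  while ((m = re.exec(source)) !== null) {
    const tag = m[1] === "Link" ? "Link" : "a";
    const attrs = m[2] ?? "";
    // Only links that open a new window or tab are in scope
    if (attributeValue(attrs, "target") !== "_blank") continue;
    const rel = attributeValue(attrs, "rel");
    if (hasOpenerProtection(rel)) continue;
    const line = source.slice(0, m.index).split("\n").length;
    findings.push({ line, tag, rel });
  }
  return findings;
}

// Constructed sample component mixing safe and unsafe links (lines 4, 6 and 7 are unsafe).
export const SAMPLE_SOURCE = [
  "export function Links({ url }) {",
  "  return (",
  "    <div>",
  '      <a href={url} target="_blank">docs</a>',
  '      <a href="https://example.com" target="_blank" rel="noopener noreferrer">ok</a>',
  '      <Link href="/pricing" target="_blank">pricing</Link>',
  "      <a href={url} target='_blank' rel=\"nofollow\">partner</a>",
  '      <a href="/about" target="_self">about</a>',
  "      <a href={url} target={\"_blank\"} rel={'noreferrer'}>ok too</a>",
  "    </div>",
  "  );",
  "}",
].join("\n");

// Stand-alone run: one line per finding.
for (const f of findReverseTabnabbing(SAMPLE_SOURCE)) {
  const relText = f.rel === null ? "(none)" : JSON.stringify(f.rel);
  console.log(`line ${f.line}: <${f.tag}> opens a new window with rel=${relText}`);
}
```

The fourth sample line shows why checking for the presence of rel is not enough: rel="nofollow" is set but neither noopener nor noreferrer is, so the opener relationship remains. The text-based matcher has known limits, which is why the real rule should work on a syntax tree (as the ESLint rule react/jsx-no-target-blank does): an arrow function inside a JSX attribute, such as onClick={() => ...}, contains a ">" that ends the tag match early, and a dynamic value such as target={props.target} is returned as raw text rather than resolved.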
Vulnerable code example
import React from 'react'

export function VulnerableLink({ url, children }) {
  // Vulnerability: target="_blank" without rel="noopener" or rel="noreferrer"
  // leaves window.opener set in the opened page, enabling reverse tabnabbing
  return (
    <a href={url} target="_blank">
      {children}
    </a>
  )
}

✅ Secure code example
import React from 'react'

export function SecureLink({ url, children }) {
  // rel="noreferrer" implies noopener (window.opener is null in the opened page)
  // and also suppresses the Referer header; rel="noopener noreferrer" is the
  // equivalent value the detector recommends
  return (
    <a href={url} target="_blank" rel="noreferrer">
      {children}
    </a>
  )
}