Security and performance issues with target="_blank" on links
My friend Kieran Barker wrote a great article on using target="_blank"
on links, and why it’s bad and you shouldn’t do it.
Chris Coyier did a great job documenting why you generally shouldn’t use target="_blank"
a couple of years ago, but Kieran writes about a security issue I didn’t know about.
If a user clicks on one of your links which has
target="_blank"
set, the new page will have access to your page’swindow
object via thewindow.opener
property. Does that sound like a bad thing? Because it is. The other page could redirect yours to a malicious URL.
Go read the whole article on Kieran’s site to learn more.