<li>
<a href="bad.example.com" target="_blank">Vulnerable target using html link to
open the new page</a>
</li>
if (window.opener) {
window.opener.location = "https://phish.example.com";
}
解决措施:
add rel="noreferer, ,noopener" to avoid this issue wherever target="blank" is placed.
<a href="xxxx"rel="noreferer,noopener" target="_blank" style="text-decoration:none;">
<button type="button">Download Now</button>
</a>