Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

mailto in href: should I add rel noopener,noreferrer?

Tags:

html

security

mailto

privacy

Assuming I have this HTML code:

<a href="mailto:[email protected]" target="_blank"></a>

As far as I know, for security and privacy reason, best practices tells I have to add rel="noopener noreferrer" on every link that goes outside. Do I have to consider a mailto link as an external link?

like image 947
rap-2-h Avatar asked Jul 05 '18 14:07

rap-2-h

People also ask

Should I use rel Noopener or rel Noreferrer?

The noopener is needed to enhance the security of your website and prevent other websites from gaining access to your page (through the browser session). The noreferrer is used to protect referral information from being passed to the target website and this also hides referral traffic in Google analytics.

What does rel Noopener Noreferrer mean?

Adding the nofollow attribute to a link that includes rel=”noopener noreferrer” allows you to link to other websites without appearing to approve their content or perspective.

What does rel Noopener do?

The noopener keyword for the rel attribute of the <a> , <area> , and <form> elements instructs the browser to navigate to the target resource without granting the new browsing context access to the document that opened it — by not setting the Window. opener property on the opened window (it returns null ).

Should you use mailto links?

A mailto link is different than a contact form link. Essentially, an HTML mailto link is a link that triggers the user's default mail client to open so they can reply to a message. If you're a fan of email HTML forms and know your way around the coding aspect of things, a mailto link can be preferable, in some cases.

1 Answers

You can better understand it here: https://mathiasbynens.github.io/rel-noopener/

Short answer: no need, since the link doesn't open a new window which could (ab)use the window.opener issue explained in the link above.

UPDATE: As op pointed out - my assumption that a mail client will handle the mailto: links was wrong. One could have used navigator.registerProtocolHandler to make a web app handle these links (or any other links for that matter). Thus, I would say you should add rel="noopener noreferrer" as originally proposed.

like image 113
Arseny Levin Avatar answered Sep 19 '22 16:09

Arseny Levin
Sign in to Comment

Related questions

How do you programmatically apply a CSS class to paragraphs in Jekyll?
How to vertically align image and text in table cell?
Create Form Input with Text Formatting Options giving HTML OUTPUT
making the <area> in a <map> tag visible during development
How to make links work with card-img-overlay in Bootstrap v4
How do I add custom logo in navbar title field in rmarkdown?
jQuery append lose style
How do I set the column width of some column width in datatables
Why HTML/CSS Dropdown Menu links not clicking thru on 1st click, only 2nd+ click works?
Checkbox styling doesn't work on Safari mobile
How to remove border highlight on an <select> after press it
Google sheets API with chrome extension, how to use?
How to make a component show/hide on scroll in react.js
Why does angular add ng-version attribute to the app-root html tag
javascript copy element to clipboard with all styles
How can I scrape text and images from a random web page?
What is the purpose of navigator.connection.saveData?
How Add Header and footer on all PDF page In jsPDF with addHTML method
DataURL of an img with CSS class
Difference between `script` and `link as="script"` tags

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!