Noopener noreferrer WordPress


Why WordPress now added automatically
NOREFERRER, NOOPENER to all links in target_blank ?

Rel = "noopener" : an attribute to better secure the links made target = blank.
Rel = »noreferrer» : an additional attribute in the first ONLY for Mozilla Firefox
but more ESPECIALLY an attribute that prevents any external site mesh to obtain driving traffic (referrer).

In summary, in the presence of this attribute noreferrer, At a site in WordPress 4.7.4 or greater that achieves a link
to a site with a B visits tracking tool will not transmit the information that is causing this traffic to the measuring tool.
Site B will not be able to know that the site A has sent N visits him, which can be very problematic in certain cases : ex : partnership.

Adding the noopener attribute is overall very recommended on all links in target = "_ blank" to correct the security flaw discovered.
Adding the noreferrer attribute to him a much more debatable interest. It may ask you to different levels problem :
The sites you mesh can not detect that you are talking to them and that you are an attractive source of traffic for them.
(it's a shame and it can cause you problems in many cases, especially in the case of such partnerships)
The noreferrer attribute is only useful complement noopener for Firefox
(although this remains a browser widely used in France, it's not Google Chrome and risks are already more limited).



How to remove the automatic addition of

Two solutions exist.
1) WordPress Plugin dedicated No noopener noreferrer – Don’t add rel= »noopener noreferrer».


2) Add the following lines to your WordPress install fonction.php of.


function tinymce_allow_unsafe_link_target( $mceInit ) {


return $mceInit;


[site_reviews_summary assigned_to=”post_id”]

[site_reviews_form assign_to=”post_id”]
Rate this article

[site_reviews display=10 assigned_to=”post_id”]

Leave a Reply

Your email address will not be published. Required fields are marked *