This is a feature request resulting from this discussion in the WHATWG HTML issue tracker: https://github.com/whatwg/html/issues/2119 The problem is, that rel=noopener is not the perfect solution to mitigate the non-trivial security problem, when a window accesses and manipulates its opener window. Proposed solution: If a window A opens a new window B, and if both windows do not share the same origin, then: * detect, when B wants to access and/or modify A's window object * if it does, block the action and present the user with a modal warning in A, asking for allowance The warning could be similar to the ones when entering fullscreen mode or when asking for location information. This solution addresses the problem, that cross-origin access to the parent window object is inherently unsafe, but seems to be used in some OAuth workflows, which rules out plainly disallowing this practice.
Small remark: I made this suggestion in the Github issue, but I didn't intend the notification to completely block the action. Instead I think it should just provide a notification that the window object has been manipulated, in a similar fashion as the fullscreen notification works. Fully blocking the action will result in poor UX for (e.g.) Oauth flows, which I don't think is desirable (at least not without a secure alternative).
I think a blocking dialog is better than a notification, because the "poor UX" would encourage web sites to find a more secure way to implement OAuth. Cross origin opener is different from fullscreen, because the former is what we want to remove from the web one day.
I also submitted the issue to issue trackers of Chromium & Edge: https://bugs.chromium.org/p/chromium/issues/detail?id=670203 https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/10022307/
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.