Merlin
Opener Detector

Opener Detector

Checks for window.opener vulnerabilities as you browse.

What is Opener Detector?
Opener Detector is a simple browser extension that checks for window.opener vulnerabilities while you browse. It shows a warning page in the vulnerable tab, enabling you to report or fix the vulnerability. You can add pages and domains to an ignore list, and customize reporting settings. The extension's source code is available on GitHub under the 3-clause BSD license.
Download
Merlin
Stats
Users: 75 ▲ 5
Rating: 5.00 (1)
Version: 1.0.0 (Last updated: 2017-09-04)
Creation date: 2017-09-03
Risk impact: Low risk impact
Risk likelihood: Very low risk likelihood
Manifest version: 2
Permissions:
  • storage
Size: 30.66K
Stats date:

Chrome-Stats Rank

# 70679 ▲ 984
Other rankings
#1302 in Developer Tools ▲ 6 #284 in example keyword 2 ▲ 12

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.
Chrome-Stats extension
Merlin
Summary
Analyze keywords

A simple browser extension which checks for window.opener vulnerabilities as you browse. When it finds one, it shows a warning page in the vulnerable tab, so that you can report or fix the vulnerability. (Use the back button to return to the page.) Individual pages and whole domains can be added to an ignore list, and by default, vulnerabilities between pages of the same origin (e.g. https://example.com/foo.html and https://example.com/bar.html) are not reported, though this can be changed in the settings.

window.opener vulnerabilities allow Web pages to control the tab which opened them. They can be fixed on many browsers simply by adding rel=noopener to your links. For more details, check out Mathias Bynens' article (https://mathiasbynens.github.io/rel-noopener/).

Please use responsibly. Disclose vulnerabilities you find, or fix them. Keep your hat white.

Source code is available on GitHub (https://github.com/HarryCutts/opener-detector), under the 3-clause BSD license. Contributions welcome!

Safety
Risk impact

Opener Detector is relatively safe to use as it requires very minimum permissions.

Risk likelihood

Opener Detector has earned a good reputation and can be trusted.

Upgrade to see risk analysis details
Screenshots
Opener Detector
Promo images
Opener Detector small promo image
Small promo image
Similar extensions

Here are some Chrome extensions that are similar to Opener Detector:

Check for .git directory existence
Check for .git directory existence
https://jordijolink.nl
N/A
278
Scripter debugger extension
Scripter debugger extension
roi.benhaim
5.00
335
PERS - The Passive Expired Resource Scanner
PERS - The Passive Expired Resource Scanner
https://thehackerblog.com
N/A
97
GitHub submodule links
GitHub submodule links
https://msol.io
5.00
174
captureCalls
captureCalls
https://n12v.com
1.00
172
DOM-JSON Tree Matcher
DOM-JSON Tree Matcher
victor013
N/A
292
Policy Control
Policy Control
MeryDev
4.33
404
Investigate with Lacework
Investigate with Lacework
Lacework
N/A
282
PhishBlock
PhishBlock
Casey Haralson
5.00
80
Plugin Vulnerabilities
Plugin Vulnerabilities
White Fir Design
5.00
544
No Opener, No Phishers
No Opener, No Phishers
Jamie Farrelly
4.78
717
Privacy Crawler
Privacy Crawler
privacy-crawler
N/A
439