No Opener, No Phishers

Reduce the risk of falling victim to phishing attacks.
What is No Opener, No Phishers?
No Opener, No Phishers is a user-friendly Chrome extension enabling secure browsing. It adds 'noopener noreferrer' to the rel attribute on all links from the websites you visit. This prevents phishing attacks exploiting the target='_blank' vulnerability that exists in several websites with user generated content, thereby enhancing your browser's security. Explore the open-source extension on Github.

Extension stats

Users: 637 ▲ 11
Rating: 4.78 (9)
Version: 2 (Last updated: 2019-06-17)
Creation date: 2019-06-17
Risk impact: Low risk impact
Risk likelihood: Low risk likelihood
Manifest version: 2
Size: 280.58K

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.
Chrome-Stats extension

Extension summary

Any website that uses target="_blank" on their links, allows user generated content and doesn't use the rel="noopener" attribute on their links (I'm looking at you Facebook, Twitter etc.) is vulnerable to a scarily simple phishing attack.

For an example of this kind of attack, view this example that I've made: https://jamiefarrelly.github.io/Rel-NoOpener-Example/

This Chrome extension is as simple as it gets, all it does is add "noopener noreferrer" to the rel attribute on all links on the pages that you're visiting so that you won't fall victim to this type of phishing attack.

Open source on Github https://github.com/JamieFarrelly/No-Opener-No-Phishers

User reviews

It would have been nicer if the extension allowed making exceptions for some sites via a whitelist.
by Gaurav, 2022-09-11

PSA: This is no longer required if you're on version 88 or newer on any platform that uses Chromium (e.g. Chrome, New Edge, Brave, etc.). https://www.chromestatus.com/feature/6140064063029248
by Justin Butler, 2021-06-29

This feature is now baked into Chrome so the extension can be removed for most purposes. Where a site links to a target other than "_blank", e.g. "_potato" the same security issue still exists. Not sure if this extension only works with _blank links
by Sam Prince, 2021-02-01
View all user reviews

Extension safety

Risk impact

No Opener, No Phishers requires very minimum permissions.

Risk likelihood

No Opener, No Phishers has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details

Similar extensions

Here are some Chrome extensions that are similar to No Opener, No Phishers: