Merlin
No Opener, No Phishers

No Opener, No Phishers

Reduce the risk of falling victim to phishing attacks.

What is No Opener, No Phishers?
No Opener, No Phishers is a user-friendly Chrome extension enabling secure browsing. It adds 'noopener noreferrer' to the rel attribute on all links from the websites you visit. This prevents phishing attacks exploiting the target='_blank' vulnerability that exists in several websites with user generated content, thereby enhancing your browser's security. Explore the open-source extension on Github.
Download
Merlin
Stats
Users: 743 ▲ 2
Rating: 4.78 (9)
Version: 2 (Last updated: 2019-06-17)
Creation date: 2019-06-17
Risk impact: Low risk impact
Risk likelihood: Low risk likelihood
Manifest version: 2
Size: 280.58K
Stats date:

Chrome-Stats Rank

# 31524 ▼ 52
Other rankings
#6083 in Developer Tools ▼ 5 #138 in example keyword 2 ▲ 4

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.
Chrome-Stats extension
Merlin
Summary
Analyze keywords

Any website that uses target="_blank" on their links, allows user generated content and doesn't use the rel="noopener" attribute on their links (I'm looking at you Facebook, Twitter etc.) is vulnerable to a scarily simple phishing attack.

For an example of this kind of attack, view this example that I've made: https://jamiefarrelly.github.io/Rel-NoOpener-Example/

This Chrome extension is as simple as it gets, all it does is add "noopener noreferrer" to the rel attribute on all links on the pages that you're visiting so that you won't fall victim to this type of phishing attack.

Open source on Github https://github.com/JamieFarrelly/No-Opener-No-Phishers

User reviews
It would have been nicer if the extension allowed making exceptions for some sites via a whitelist.
by Gaurav Gaurav, 2022-09-11
PSA: This is no longer required if you're on version 88 or newer on any platform that uses Chromium (e.g. Chrome, New Edge, Brave, etc.). https://www.chromestatus.com/feature/6140064063029248
by Justin Butler Justin Butler, 2021-06-29
This feature is now baked into Chrome so the extension can be removed for most purposes. Where a site links to a target other than "_blank", e.g. "_potato" the same security issue still exists. Not sure if this extension only works with _blank links
by Sam Prince Sam Prince, 2021-02-01
View all user reviews
Safety
Risk impact

No Opener, No Phishers is relatively safe to use as it requires very minimum permissions.

Risk likelihood

No Opener, No Phishers has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details
Screenshots
No Opener, No Phishers
Similar extensions

Here are some Chrome extensions that are similar to No Opener, No Phishers:

Opener Detector
Opener Detector
Harry Cutts
5.00
80
Security Tweaks
Security Tweaks
loora
4.67
827
Privacy Crawler
Privacy Crawler
privacy-crawler
N/A
452
NoDetour
NoDetour
Patrick H. Lauke
3.71
578
Redirect AMP to HTML
Redirect AMP to HTML
Aleksandersen
4.85
4,000+
Site Bleacher
Site Bleacher
wooque
4.50
722
Google link fixer
Google link fixer
littlelightlittlefire
4.41
2,000+
Ignore Google Scripts
Ignore Google Scripts
em_te
4.67
432
Block Unreachable Scripts
Block Unreachable Scripts
em_te
4.20
894
LocalCDN
LocalCDN
Emanuel Bennici
4.40
20,000+
WebAPI Blocker
WebAPI Blocker
Yubi
4.14
1,000+
Local Cache
Local Cache
Unknown
4.40
771