No Opener, No Phishers

No Opener, No Phishers

Reduce the risk of falling victim to phishing attacks.

What is No Opener, No Phishers?
No Opener, No Phishers is a user-friendly Chrome extension enabling secure browsing. It adds 'noopener noreferrer' to the rel attribute on all links from the websites you visit. This prevents phishing attacks exploiting the target='_blank' vulnerability that exists in several websites with user generated content, thereby enhancing your browser's security. Explore the open-source extension on Github.
Stats
Users: 778 ▼ -18
Rating: 4.78 (9)
Version: 2 (Last updated: 2019-06-17)
Creation date: 2019-06-17
Risk impact: Low risk impact
Risk likelihood: Low risk likelihood
Manifest version: 2
Size: 280.58K
Stats date:

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.
Chrome-Stats extension
Summary

Any website that uses target="_blank" on their links, allows user generated content and doesn't use the rel="noopener" attribute on their links (I'm looking at you Facebook, Twitter etc.) is vulnerable to a scarily simple phishing attack.

For an example of this kind of attack, view this example that I've made: https://jamiefarrelly.github.io/Rel-NoOpener-Example/

This Chrome extension is as simple as it gets, all it does is add "noopener noreferrer" to the rel attribute on all links on the pages that you're visiting so that you won't fall victim to this type of phishing attack.

Open source on Github https://github.com/JamieFarrelly/No-Opener-No-Phishers

User reviews
It would have been nicer if the extension allowed making exceptions for some sites via a whitelist.
by Gaurav Gaurav, 2022-09-11

PSA: This is no longer required if you're on version 88 or newer on any platform that uses Chromium (e.g. Chrome, New Edge, Brave, etc.). https://www.chromestatus.com/feature/6140064063029248
by Justin Butler Justin Butler, 2021-06-29

This feature is now baked into Chrome so the extension can be removed for most purposes. Where a site links to a target other than "_blank", e.g. "_potato" the same security issue still exists. Not sure if this extension only works with _blank links
by Sam Prince Sam Prince, 2021-02-01
View all user reviews
Safety
Risk impact

No Opener, No Phishers is relatively safe to use as it requires very minimum permissions.

Risk likelihood

No Opener, No Phishers has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details
Screenshots
Similar extensions

Here are some Chrome extensions that are similar to No Opener, No Phishers: