Your cart is currently empty!
What’s rel=”noopener” in WordPress & How to Remove It
When you upgrade your WordPress to 4.7.4 version or newer, you will notice a new tag rel=”noopener”. It is located alongside the target=”_blank” tag in the HTML editor. When you make them open in a new tab, the tag is automatically added to all internal and external links.
As a web developer, you may be wondering what this tag does? Does it affect your websites negatively in any way? So, in this article we will discuss what is rel=”noopener” in WordPress and how to remove it. If you curious about rel=”noopener”, you better check this out!
What is rel=”noopener”?
Even though, it may sound a bit suspicious, but it is actually a security fix that prevent malicious links from taking control over an opened tab. Usually, window.opener Javascript object is used to control a parent window using a child window. With this feature, hackers can switch user’s currently opened website with a fake one and steal information, such as login details. Therefore, to prevent this, rel=”noopener” blocks the use of the window.opener Javascript object. If window.opener does not work, then a tab can’t control another tab.
In fact, on 23rd November 2016, this security fix was added in TinyMCE plugin. Actually, WordPress uses TinyMCE as its text editor; it also got updated with this feature in WordPress version 4.7.4.
Is It Bad for your Website?
You may relieve as it doesn’t have any bad impact to your site. Some WordPress users may be making all internal and external links “nofollow”, which cause bad score for SEO. But, the fact is rel=”noopener”is just an instruction for the user’s browser to cease the use of the window.opener Javascript object.
This is because SEO relates to search engines and they don’t interact with rel=”noopener” tag. It works the same for analytics software that completely ignores this tag.
At first, this might have been a bit of a problem when WordPress added rel=”noopener noreferrer” tag before the fix was released with WordPress version 4.7.4. In the older version, “noreferrer” blocked the link from knowing where it actually came from.
Even though, it may not affect your SEO, but it may affect some of the analytics tools and affiliate programs. However, in WordPress latest version, “noreferrer” tag has been removed , so you should have no problem with rel=”noopener” tag. SYou only need to make sure you have updated to the latest version of WordPress.
How to remove rel=”noopener”
As it is stated above, rel=”noopener” doesn’t affect SEO. It also has no impact on analytics tools, and affiliate links also won’t break. It works to protect your users from any potential malicious links that could hijack their tabs. In fact, it only will stop when you want to use the window.opener Javascript object for any purpose.
As it is integrated into the WordPress text editor, removing rel=”noopener”can be a bit difficult. Moreover, it will be added back again when you save the document, Even if you manually remove it from the HTML code. So, the best solution is to disable this feature from the TinyMCE plugin itself.
However, you may need to add some lines of code in the functions.php file of your WordPress theme. In the functions.php file, copy and paste the below mentioned code and save it:
// Note that this intentionally disables a tinyMCE security feature.
// Use of this code is NOT
recommended.add_filter(‘tiny_mce_before_init’,’tinymce_allow_unsafe_link_target’);
function tinymce_allow_unsafe_link_target( $mceInit ) {
$mceInit[‘allow_unsafe_link_target’]=true;
return $mceInit;
}
This will stop WordPress from automatically adding rel=”noopener” tag in your posts. But, you may need to mannually remove the added tags from posts saved after WordPress 4.7.4 update.
In Summary
Even though, it may sound suspicious but you have nothing to be afraid of on the rel=”noopener’ tag. It will secure your website visitors. But, you should embrace this new edition of security feature, if you want to use the window.opener feature.