Hacker News new | ask | show | jobs
by illuna 3715 days ago
Linking to stuff that you control is okay, because you know and control the contents inside the new window. So your example (terms and conditions created by you) is totally cool.

As described in the article, it is dangerous when the link's destination is not controlled by you. That destination has access to its opener's window and could potentially change the url to eg. a malicious look-alike of your site.

It's a consideration when linking to arbitrary pages, but when you own the destination (and trust that your site has no other security issues) then this becomes a non-issue.
1 comments
pmalynin 3715 days ago
This is one of the reasons why FB et al go to a special link before opening the actual target site.
link
hueving 3715 days ago
That's more of a happy accident. Their primary reason is to track things.
link
tuukkah 3714 days ago
I thought the primary reason was privacy: https://m.facebook.com/notes/facebook-engineering/protecting...
link
xuki 3715 days ago
You can track click without a redirect.
link
azazqadir 3714 days ago
Like using utm?
link
xuki 3714 days ago
Like using javascript
link