Support » Fixing WordPress » Stop “noopener noreferrer” tags from auto-insert

  • princejindal8

    (@princejindal8)


    [ Moderator note: moved to Fixing WordPress. ]

    Just today morning, I saw these “noopener noreferrer” tags are getting added automatically after rel=”nofollow” in the WordPress backend while I write new articles or edit existing articles.

    These were the URLs before –
    <a href="http://example.com/example" target="_blank" rel="nofollow">Assume</a>

    Now, all of such external URLs are getting converted to
    <a href="http://example.com/example" target="_blank" rel="nofollow noopener noreferrer">Assume</a>

    How to remove these noopener noreferrer tags from adding automatically?

    Are they really necessary?

Viewing 14 replies - 1 through 14 (of 14 total)
  • graphicscove

    (@graphicscove)

    Why would you want to remove them?

    They help prevent other sites hijacking your content and are definitely required if you value your site security. There shouldn’t be a need to remove these.

    ~ Steven

    princejindal8

    (@princejindal8)

    Hey

    Thanks Steven for the quick reply.
    I will then keep them on the website.

    Is there any guide I can read to know more about these tags? Because I still couldn’t get, how these tags (noopener noreferrer) help in website security.

    graphicscove

    (@graphicscove)

    This site explained it to me very well when it came up, they even have an example you can try out: https://mathiasbynens.github.io/rel-noopener/.

    ~ Steven

    princejindal8

    (@princejindal8)

    Thanks, Steven.
    I will give it a read.

    Chocolate-Covered Katie

    (@chocolate-covered-katie)

    Having the same issue (ever since the latest wordpress update), except mine suddenly added “nofollow noopener noreferrer” to ALL links opening in a new tab, even internal links.

    Is there a way to change it back so that internal links opening in a new page are switched back to dofollow links?

    Moderator Jan Dembowski

    (@jdembowski)

    Brute Squad and Volunteer Moderator

    rhum_un

    (@rhum_un)

    I’ve the same issue. I have a link like :

    <a href="page1.html" target="_blank" rel="nofollow" onClick="ga('send','event','display','click','objet1');">my link</a>

    when i update my article, wordpress changes the code :

    <a href="page1.html" target="_blank" rel="nofollow noopener noreferrer">my link</a>

    So wordpress changes the rel=”nofollow” with rel=”nofollow noopener noreferrer” but it also delete the tracking events code onClick="ga('send','event','display','click','site1');"

    Does someone knows how to do to keep the tracking code?

    In recent update WordPress adding this automatically on those links which are set to open in new windows (target=”_blank”). I am wondering why you guys want to remove it. Its protecting users.

    This has probably been done to avoid what is known as Reverse Tabnabbing. Reverse Tabnabbing occurs the attacker uses window.opener.location.assign() to replace the background tab with a malicious document. Do not remove them, if you value your site. And even if you remove it, WordPress will put it back when you save the post, also it applies to your old posts if you edit and save/update.

    Correct.
    I am now letting it go as it is with rel=”nofollow referrer noopener”.
    Should it affect Google Analytics from counting the total page visits and page views?

    Hello Zubee,

    I don’t want to remove rel=”nofollow referrer noopener” but when wordpress updates my code, it also delete my OnClick code so i’m not able to track event on outbound links. I’m wondering if there is another solution to count events.

    zericha

    (@zericha)

    There are two reasons people might want it gone:

    1) internal links opening in a new tab you want to have dofollow. There are lots of really good reasons to open internal links in a new tab. The noopener noreferrer tag is an SEO killer.

    2) using affiliate links (like Amazon Associates) with the noopener noreferrer tag on your site is against most terms of service for being an affiliate.

    princejindal8

    (@princejindal8)

    Hi Zericha

    1. That won’t harm the SEO because you are not making internal links as “nofollow”. They are only being “noopener noreferrer” which is for security purpose.

    2. For Amazon, this isn’t a policy violation – https://affiliate-program.amazon.com/help/operating/policies

    Just in case someone was interested by my last question, i found the solution by adding this script on the head section of my pages. No need to track manually every links anymore. The script tracks every outbound links throught Google Analytics 🙂

    <script>
    jQuery(document).ready(function(){
    jQuery(‘a’).click(function(){
    ancre = this.href;
    parseAncre = document.createElement(‘a’);
    parseAncre.href = ancre;
    hostnameAncre = parseAncre.hostname;

    currentPage = document.location.href;
    parseCurrentPage = document.createElement(‘a’);
    parseCurrentPage.href = currentPage;
    hostnameSite = parseCurrentPage.hostname;

    if(hostnameAncre != hostnameSite){
    ga(‘send’, ‘event’, ‘Lien sortant’, currentPage, ancre);
    }

    return true;
    });
    });
    </script>

    “How to remove these noopener noreferrer tags from adding automatically?
    Are they really necessary?”

    No of course they aren’t necessary, they are destructive! They are getting added without the site owner’s consent to what the site owner posts on his site. That is worse than censorship, it is dictatorship.

    Steven is right with his hint for ONE usage, and ONE only. And exactly that ONE usage is mentioned in the github post. Can wp programmers that love to turn into dictators not READ before they act so badly?

    The ONE usage is: user-generated content. Right!
    That’s the business of the site owner, no one else.
    Instead, wp programmers didn’t THINK first but went ahead anyway and wildly added their useless nonsense to ANYTHING, even widgets the site owner adds with love. Ridiculous.

    @all: Kindly stop stealing site owner content, changing it secretly, and then having wp posting the corrupted stuff! Without even making the site owner aware! That’s anarchy.

    I say it again: It’s much better to finally program solutions to all the PROBLEMS and ERRORS, than continuing to program stuff that corrupts what the site owners(!) do, and want.

    Thanks for taking note.
    ?

Viewing 14 replies - 1 through 14 (of 14 total)
  • You must be logged in to reply to this topic.