From: Zac Spitzer [mailto:zac.spit...@gmail.com]
> how about rather than requiring this on every <a> why not support a base tag > directive for the whole document i.e. <base rel="noopener">, similar to > <base target="_blank">? Yes, this is a good idea to include in a general framework for imposing such self-restrictions on your page, such as CSP: https://github.com/w3c/webappsec/issues/139.