## What changes were proposed in this pull request? According to details found at https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/phishing-by-navigating-browser-tabs/, it is possible to change the "window.opener.location" value in browser windows opened using normal anchor tags where the "target" attribute is specified as "_blank".
This gives an attacker the ability to change the parent location and thus potentially allow for a phishing attack to invoked. To help this situation, it is suggested that the following attribute be set along with the "target" attribute: ``` rel="noopener noreferrer" ``` For example: ``` <a href="..." target="_blank" rel="noopener noreferrer">...</a> ``` ## How was this patch tested? 21815 passing (48s) 48 pending [ Full content available at: https://github.com/apache/ambari/pull/2308 ] This message was relayed via gitbox.apache.org for [email protected]
