Make sure to read this post before raising a thread here:
Then tell us:
- What language is this for? JavaScript
- Which rule? RSPEC-5148
- Why do you believe it’s a false-positive/false-negative? adding a
windowFeatures
string withnoopener,noreferrer
triggers the rule, even the MDN says that it’s valid. Additionally, setting thewindow.opener
property to null as specified by the reference links in the rule info does not work either. - Are you using
- SonarCloud? Yes
- SonarQube - which version?
- SonarLint - which IDE/version?
- in connected mode with SonarQube or SonarCloud?
- How can we reproduce the problem? Give us a self-contained snippet of code (formatted text, no screenshots)
const target = window.open('https://sonarcloud.io', 'noopener,noreferrer');
target.opener = null;