General: Remove noreferrer from wp_targeted_link_rel() and other uses.

When `noopener noreferrer` was originally added in #37941 and related tickets, the `noreferrer` bit was specifically included due to Firefox not supporting `noopener` at the time. Since `noopener` has been supported by all major browsers for a while, it should now be safe to remove the `noreferrer` attribute from core. Props Mista-Flo, audrasjb, joostdevalk, jonoaldersonwp, peterwilsoncc, elgameel. Fixes #49558. git-svn-id: https://develop.svn.wordpress.org/trunk@49215 602fd350-edb4-49c9-b593-d223f7449a82
2026-03-31 18:54:29 +00:00 · 2020-10-19 23:37:53 +00:00
parent ffbde71040
commit 2a8dae456d
20 changed files with 64 additions and 63 deletions
--- a/tests/phpunit/tests/formatting/WPTargetedLinkRel.php
+++ b/tests/phpunit/tests/formatting/WPTargetedLinkRel.php
@@ -8,61 +8,61 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {

 	public function test_add_to_links_with_target_blank() {
 		$content  = '<p>Links: <a href="/" target="_blank">No rel</a></p>';
-		$expected = '<p>Links: <a href="/" target="_blank" rel="noopener noreferrer">No rel</a></p>';
+		$expected = '<p>Links: <a href="/" target="_blank" rel="noopener">No rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

 	public function test_add_to_links_with_target_foo() {
 		$content  = '<p>Links: <a href="/" target="foo">No rel</a></p>';
-		$expected = '<p>Links: <a href="/" target="foo" rel="noopener noreferrer">No rel</a></p>';
+		$expected = '<p>Links: <a href="/" target="foo" rel="noopener">No rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

 	public function test_target_as_first_attribute() {
 		$content  = '<p>Links: <a target="_blank" href="#">No rel</a></p>';
-		$expected = '<p>Links: <a target="_blank" href="#" rel="noopener noreferrer">No rel</a></p>';
+		$expected = '<p>Links: <a target="_blank" href="#" rel="noopener">No rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

 	public function test_add_to_existing_rel() {
 		$content  = '<p>Links: <a href="/" rel="existing values" target="_blank">Existing rel</a></p>';
-		$expected = '<p>Links: <a href="/" rel="existing values noopener noreferrer" target="_blank">Existing rel</a></p>';
+		$expected = '<p>Links: <a href="/" rel="existing values noopener" target="_blank">Existing rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

 	public function test_no_duplicate_values_added() {
 		$content  = '<p>Links: <a href="/" rel="existing noopener values" target="_blank">Existing rel</a></p>';
-		$expected = '<p>Links: <a href="/" rel="existing noopener values noreferrer" target="_blank">Existing rel</a></p>';
+		$expected = '<p>Links: <a href="/" rel="existing noopener values" target="_blank">Existing rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

 	public function test_rel_with_single_quote_delimiter() {
 		$content  = '<p>Links: <a href="/" rel=\'existing values\' target="_blank">Existing rel</a></p>';
-		$expected = '<p>Links: <a href="/" rel="existing values noopener noreferrer" target="_blank">Existing rel</a></p>';
+		$expected = '<p>Links: <a href="/" rel="existing values noopener" target="_blank">Existing rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

 	public function test_rel_with_no_delimiter() {
 		$content  = '<p>Links: <a href="/" rel=existing target="_blank">Existing rel</a></p>';
-		$expected = '<p>Links: <a href="/" rel="existing noopener noreferrer" target="_blank">Existing rel</a></p>';
+		$expected = '<p>Links: <a href="/" rel="existing noopener" target="_blank">Existing rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

 	public function test_rel_value_spaced_and_no_delimiter() {
 		$content  = '<p>Links: <a href="/" rel = existing target="_blank">Existing rel</a></p>';
-		$expected = '<p>Links: <a href="/" rel="existing noopener noreferrer" target="_blank">Existing rel</a></p>';
+		$expected = '<p>Links: <a href="/" rel="existing noopener" target="_blank">Existing rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

 	public function test_escaped_quotes() {
 		$content  = '<p>Links: <a href=\"/\" rel=\"existing values\" target=\"_blank\">Existing rel</a></p>';
-		$expected = '<p>Links: <a href=\"/\" rel=\"existing values noopener noreferrer\" target=\"_blank\">Existing rel</a></p>';
+		$expected = '<p>Links: <a href=\"/\" rel=\"existing values noopener\" target=\"_blank\">Existing rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

 	public function test_ignore_links_with_no_target() {
 		$content  = '<p>Links: <a href="/" target="_blank">Change me</a> <a href="/">Do not change me</a></p>';
-		$expected = '<p>Links: <a href="/" target="_blank" rel="noopener noreferrer">Change me</a> <a href="/">Do not change me</a></p>';
+		$expected = '<p>Links: <a href="/" target="_blank" rel="noopener">Change me</a> <a href="/">Do not change me</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

@@ -85,7 +85,7 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {
 	 */
 	public function test_wp_targeted_link_rel_filters_run() {
 		$content  = '<p>Links: <a href="/" target="_blank">No rel</a></p>';
-		$expected = '<p>Links: <a href="/" target="_blank" rel="noopener noreferrer">No rel</a></p>';
+		$expected = '<p>Links: <a href="/" target="_blank" rel="noopener">No rel</a></p>';

 		$post = $this->factory()->post->create_and_get(
 			array(
@@ -103,7 +103,7 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {
 	 */
 	public function test_wp_targeted_link_rel_should_preserve_json() {
 		$content  = '<p>Links: <a href=\"\/\" target=\"_blank\">No rel<\/a><\/p>';
-		$expected = '<p>Links: <a href=\"\/\" target=\"_blank\" rel=\"noopener noreferrer\">No rel<\/a><\/p>';
+		$expected = '<p>Links: <a href=\"\/\" target=\"_blank\" rel=\"noopener\">No rel<\/a><\/p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

@@ -114,7 +114,7 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {
 	 */
 	public function test_wp_targeted_link_rel_skips_style_and_scripts() {
 		$content  = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target=_blank>aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>';
-		$expected = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target="_blank" rel="noopener noreferrer">aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>';
+		$expected = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target="_blank" rel="noopener">aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

@@ -131,7 +131,7 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {

 	public function test_wp_targeted_link_rel_tab_separated_values_are_split() {
 		$content  = "<p>Links: <a href=\"/\" target=\"_blank\" rel=\"ugc\t\tnoopener\t\">No rel</a></p>";
-		$expected = '<p>Links: <a href="/" target="_blank" rel="ugc noopener noreferrer">No rel</a></p>';
+		$expected = '<p>Links: <a href="/" target="_blank" rel="ugc noopener">No rel</a></p>';
 		$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
 	}

--- a/tests/phpunit/tests/menu/walker-nav-menu.php
+++ b/tests/phpunit/tests/menu/walker-nav-menu.php
@@ -37,7 +37,7 @@ class Tests_Menu_Walker_Nav_Menu extends WP_UnitTestCase {
 	}

 	/**
-	 * Tests when an item's target is _blank, that rel="noopener noreferrer" is added.
+	 * Tests when an item's target is _blank, that rel="noopener" is added.
 	 *
 	 * @ticket 43290
 	 */
@@ -64,7 +64,7 @@ class Tests_Menu_Walker_Nav_Menu extends WP_UnitTestCase {

 		$this->walker->start_el( $expected, (object) $item, 0, (object) $args );

-		$this->assertSame( "<li id=\"menu-item-{$post_id}\" class=\"menu-item-{$post_id}\"><a target=\"_blank\" rel=\"noopener noreferrer\">{$post_title}</a>", $expected );
+		$this->assertSame( "<li id=\"menu-item-{$post_id}\" class=\"menu-item-{$post_id}\"><a target=\"_blank\" rel=\"noopener\">{$post_title}</a>", $expected );
 	}

 	/**
--- a/tests/phpunit/tests/privacy/wpPrivacyGeneratePersonalDataExportFile.php
+++ b/tests/phpunit/tests/privacy/wpPrivacyGeneratePersonalDataExportFile.php
@@ -478,7 +478,7 @@ class Tests_Privacy_WpPrivacyGeneratePersonalDataExportFile extends WP_UnitTestC
 						),
 						array(
 							'name'  => 'Comment URL',
-							'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noreferrer noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>',
+							'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>',
 						),
 					),
 					'comment-3' => array(
@@ -508,7 +508,7 @@ class Tests_Privacy_WpPrivacyGeneratePersonalDataExportFile extends WP_UnitTestC
 						),
 						array(
 							'name'  => 'Comment URL',
-							'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-3" target="_blank" rel="noreferrer noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-3</a>',
+							'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-3" target="_blank" rel="noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-3</a>',
 						),
 					),
 				),
@@ -620,7 +620,7 @@ class Tests_Privacy_WpPrivacyGeneratePersonalDataExportFile extends WP_UnitTestC
 						),
 						array(
 							'name'  => 'Comment URL',
-							'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noreferrer noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>',
+							'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>',
 						),
 					),
 				),
--- a/tests/phpunit/tests/rest-api/rest-attachments-controller.php
+++ b/tests/phpunit/tests/rest-api/rest-attachments-controller.php
@@ -1162,12 +1162,12 @@ class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control
 						'rendered' => '<a href="#">link</a>',
 					),
 					'description' => array(
-						'raw'      => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
-						'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
+						'raw'      => '<a href="#" target="_blank" rel="noopener">link</a>',
+						'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>',
 					),
 					'caption'     => array(
-						'raw'      => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
-						'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
+						'raw'      => '<a href="#" target="_blank" rel="noopener">link</a>',
+						'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>',
 					),
 				),
 			),
--- a/tests/phpunit/tests/rest-api/rest-posts-controller.php
+++ b/tests/phpunit/tests/rest-api/rest-posts-controller.php
@@ -3696,12 +3696,12 @@ class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te
 						'rendered' => '<a href="#">link</a>',
 					),
 					'content' => array(
-						'raw'      => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
-						'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
+						'raw'      => '<a href="#" target="_blank" rel="noopener">link</a>',
+						'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>',
 					),
 					'excerpt' => array(
-						'raw'      => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
-						'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
+						'raw'      => '<a href="#" target="_blank" rel="noopener">link</a>',
+						'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>',
 					),
 				),
 			),
--- a/tests/phpunit/tests/widgets/custom-html-widget.php
+++ b/tests/phpunit/tests/widgets/custom-html-widget.php
@@ -304,7 +304,7 @@ class Test_WP_Widget_Custom_HTML extends WP_UnitTestCase {
 	}

 	/**
-	 * Ensure that rel="noopener noreferrer" is added to links with a target.
+	 * Ensure that rel="noopener" is added to links with a target.
 	 *
 	 * @ticket 46421
 	 */
@@ -326,11 +326,11 @@ class Test_WP_Widget_Custom_HTML extends WP_UnitTestCase {
 		);

 		$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
-		$this->assertContains( 'rel="noopener noreferrer"', $output );
+		$this->assertContains( 'rel="noopener"', $output );
 	}

 	/**
-	 * Ensure that rel="noopener noreferrer" is not added to links without a target.
+	 * Ensure that rel="noopener" is not added to links without a target.
 	 *
 	 * @ticket 46421
 	 */
@@ -352,7 +352,7 @@ class Test_WP_Widget_Custom_HTML extends WP_UnitTestCase {
 		);

 		$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
-		$this->assertNotContains( 'rel="noopener noreferrer"', $output );
+		$this->assertNotContains( 'rel="noopener"', $output );
 	}

 }
--- a/tests/phpunit/tests/widgets/media-image-widget.php
+++ b/tests/phpunit/tests/widgets/media-image-widget.php
@@ -542,7 +542,7 @@ class Test_WP_Widget_Media_Image extends WP_UnitTestCase {

 		$this->assertContains( '<a href="https://example.org"', $output );
 		$this->assertContains( 'target="_blank"', $output );
-		$this->assertContains( 'rel="noopener noreferrer"', $output );
+		$this->assertContains( 'rel="noopener"', $output );

 		// Populate caption in attachment.
 		wp_update_post(
--- a/tests/phpunit/tests/widgets/text-widget.php
+++ b/tests/phpunit/tests/widgets/text-widget.php
@@ -1003,7 +1003,7 @@ class Test_WP_Widget_Text extends WP_UnitTestCase {
 	}

 	/**
-	 * Ensure that rel="noopener noreferrer" is added to links with a target.
+	 * Ensure that rel="noopener" is added to links with a target.
 	 *
 	 * @ticket 46421
 	 */
@@ -1026,11 +1026,11 @@ class Test_WP_Widget_Text extends WP_UnitTestCase {

 		$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );

-		$this->assertContains( 'rel="noopener noreferrer"', $output );
+		$this->assertContains( 'rel="noopener"', $output );
 	}

 	/**
-	 * Ensure that rel="noopener noreferrer" is not added to links without a target.
+	 * Ensure that rel="noopener" is not added to links without a target.
 	 *
 	 * @ticket 46421
 	 */
@@ -1053,6 +1053,6 @@ class Test_WP_Widget_Text extends WP_UnitTestCase {

 		$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );

-		$this->assertNotContains( 'rel="noopener noreferrer"', $output );
+		$this->assertNotContains( 'rel="noopener"', $output );
 	}
 }