{"id":25881,"library":"lint-target-blank","title":"lint-target-blank","description":"A lightweight linting tool for detecting the target=\"_blank\" vulnerability in HTML anchor tags where missing rel=\"noopener noreferrer\" allows the opened page to access the opener's window via window.opener. The package provides a simple API to parse HTML strings and return errors for insecure links. It is at version 0.1.1 with a minimal footprint and no dependencies. Compared to full-fledged HTML validators or linters like ESLint plugins, this is a focused, single-purpose module for quick checks during development or build processes.","status":"active","version":"0.1.1","language":"javascript","source_language":"en","source_url":"https://github.com/chilliwilly77/lint-target-blank","tags":["javascript","grunt","lint","target","_blank","noopener","noreferrer","html"],"install":[{"cmd":"npm install lint-target-blank","lang":"bash","label":"npm"},{"cmd":"yarn add lint-target-blank","lang":"bash","label":"yarn"},{"cmd":"pnpm add lint-target-blank","lang":"bash","label":"pnpm"}],"dependencies":[],"imports":[{"note":"Package uses CommonJS require; no ESM exports are provided.","wrong":"import LintTargetBlank from 'lint-target-blank';","symbol":"LintTargetBlank","correct":"const LintTargetBlank = require('lint-target-blank');"},{"note":"Constructor expects an options object; passing no argument may cause undefined errors.","wrong":"const lintTargetBlank = new LintTargetBlank();","symbol":"LintTargetBlank instance","correct":"const lintTargetBlank = new LintTargetBlank({});"},{"note":"The lint method is synchronous and returns an array of error objects directly, not via callback.","wrong":"const errors = lintTargetBlank.lint(htmlString, callback);","symbol":"lint method","correct":"const errors = lintTargetBlank.lint(htmlString);"}],"quickstart":{"code":"const LintTargetBlank = require('lint-target-blank');\nconst lintTargetBlank = new LintTargetBlank({});\nconst html = `\n<div>\n  <a href=\"https://example.com\" target=\"_blank\">Click</a>\n</div>`;\nconst errors = lintTargetBlank.lint(html);\nconsole.log(errors);\n// Output:\n// [ { line: 2, column: 16, message: 'Missing rel=\"noopener noreferrer\" on target=\"_blank\" link' } ]","lang":"javascript","description":"Shows how to require the module, create an instance, and lint an HTML string for insecure target=\"_blank\" links."},"warnings":[{"fix":"Always pass an empty object `{}` or an options object with configuration.","message":"The constructor expects an options object; calling `new LintTargetBlank()` without arguments may cause runtime errors if internal code accesses properties.","severity":"gotcha","affected_versions":"0.1.0 - 0.1.1"},{"fix":"Iterate over the returned array to access individual errors.","message":"The `lint` method returns an array of error objects, not a boolean or count. New users may expect a different return format.","severity":"gotcha","affected_versions":"all"},{"fix":"Consider using a proper HTML parser (e.g., cheerio) for more accurate linting.","message":"The package does not parse real HTML; it uses a regex-based approach that may produce false positives or miss edge cases (e.g., dynamic attributes).","severity":"gotcha","affected_versions":"all"}],"env_vars":null,"last_verified":"2026-05-01T00:00:00.000Z","next_check":"2026-07-30T00:00:00.000Z","problems":[{"fix":"Use `const LintTargetBlank = require('lint-target-blank');` instead of `import`.","cause":"Using ES module import syntax with a CommonJS package.","error":"TypeError: LintTargetBlank is not a constructor"},{"fix":"Always pass a string to the `lint` method.","cause":"Calling `lint()` without an argument or with undefined.","error":"Cannot read property 'length' of undefined"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}