Comment 2 for bug 1559239

Hi,

On Fri, Mar 18, 2016 at 3:18 PM, Yamil <email address hidden> wrote:
> Galen, out of curiosity and for documenting what had been done (and how)
> so far, can you comment on what types of code queries you ran? In case a
> few of us run the same exact search, and thus all come up with the same
> results.

cd Evergreen
git grep target=._|grep -v target=._self

> Also, I had previously thought about making 856 tags links open in a new
> window. I suspect that is something we might want to advice against?

Correct.

> Finally, here is some info on one way, of many, to change for those that are curious (I was)...
> https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy

Same origin policy isn't enough -- opening
http://example.com/malicious.html in a new window will still give
malicious code on that page access to window.opener.location and the
ability to point the source window at a different URL.