# target attribute

## Overview

The [target](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/a) attribute specifies where to display the linked URL as a name for the browsing context (a tab, window, or `<iframe>`). The following keywords have special meanings for where to load the URL:

* `_self` - the current browsing context, by default.
* `_blank` - usually a new tab, but users can configure browsers to open a new window instead.
* `_parent` - the parent browsing context of the current one, if no parent, behaves as `_self`.
* `_top` - the topmost browsing context (the "highest" context that’s an ancestor of the current one), if no ancestors, behaves as `_self`.

## \_blank

Using `target=_blank` allows the linked page to get partial access to the source page through the [window.opener](https://developer.mozilla.org/en-US/docs/Web/API/Window/opener) API. The newly opened tab can then change the `window.opener.location` to a phishing page or execute JavaScript on the opener page.

{% hint style="info" %}
In newer browser versions (e.g. Firefox 79+) setting target="\_blank" on `<a>` elements implicitly provides the same `rel` behavior as setting `rel="noopener"`.
{% endhint %}

## References

* [Target="\_blank" — the most underestimated vulnerability ever](https://medium.com/@jitbit/target-blank-the-most-underestimated-vulnerability-ever-96e328301f4c)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://0xn3va.gitbook.io/cheat-sheets/web-application/html-injection/target.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.