{"id":16831937,"url":"https://github.com/MaybeThisIsRu/eleventy-plugin-safe-external-links","last_synced_at":"2025-11-07T10:30:30.372Z","repository":{"id":42774045,"uuid":"276024123","full_name":"MaybeThisIsRu/eleventy-plugin-safe-external-links","owner":"MaybeThisIsRu","description":"Stop XSS attacks by preventing access to origin window for links that open in a new tab/window.","archived":false,"fork":false,"pushed_at":"2023-03-05T03:15:18.000Z","size":28524,"stargazers_count":6,"open_issues_count":5,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-18T05:12:31.684Z","etag":null,"topics":["11ty","eleventy","external-links","links","security"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MaybeThisIsRu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2020-06-30T07:06:06.000Z","updated_at":"2023-03-04T10:47:25.000Z","dependencies_parsed_at":"2024-01-02T11:48:04.728Z","dependency_job_id":"4e2b43c7-4e69-48f2-ad21-21fed92cb59b","html_url":"https://github.com/MaybeThisIsRu/eleventy-plugin-safe-external-links","commit_stats":null,"previous_names":["hirusi/eleventy-plugin-safe-external-links"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MaybeThisIsRu%2Feleventy-plugin-safe-external-links","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MaybeThisIsRu%2Feleventy-plugin-safe-external-links/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MaybeThisIsRu%2Feleventy-plugin-safe-external-links/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MaybeThisIsRu%2Feleventy-plugin-safe-external-links/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MaybeThisIsRu","download_url":"https://codeload.github.com/MaybeThisIsRu/eleventy-plugin-safe-external-links/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239526443,"owners_count":19653535,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["11ty","eleventy","external-links","links","security"],"created_at":"2024-10-13T11:46:59.254Z","updated_at":"2025-11-07T10:30:30.295Z","avatar_url":"https://github.com/MaybeThisIsRu.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Eleventy Plugin Safe External Links\n\n![npm version](https://badge.fury.io/js/%40hirusi%2Feleventy-plugin-safe-external-links.svg)\n![npm downloads](https://img.shields.io/npm/dw/@hirusi/eleventy-plugin-safe-external-links)\n\n[Eleventy plugin](https://www.11ty.dev/docs/plugins/) ensuring that external links always contain `rel=\"noopener\"`, `rel=\"noreferrer\"`, which are [potentially unsafe otherwise](https://web.dev/external-anchors-use-rel-noopener/).\n\n## Installing\n\n```bash\nnpm install @hirusi/eleventy-plugin-safe-external-links\n```\n\nThis has only been tested with Eleventy 0.11.0 and would ideally be kept up to date with only future releases of Eleventy.\n\n## Usage\n\n```js\nconst safeExternalLinks = require(\"@hirusi/eleventy-plugin-safe-external-links\")\n\nmodule.exports = function (eleventyConfig) {\n\n  eleventyConfig.addPlugin(safeExternalLinks, {\n    pattern: \"https{0,1}://\", // RegExp pattern for external links\n    noopener: true, // Whether to include noopener\n    noreferrer: false, // Whether to include noreferrer\n    files: [\n      // What output file extensions to work on\n      \".html\",\n    ],\n  });\n  \n}\n```\n\nIncluding noreferrer in your external links is optional. Please see [more on this in an article by pointjupiter.com here](https://pointjupiter.com/what-noopener-noreferrer-nofollow-explained/), as pointed out by [@grempe](https://github.com/grempe/). As always, please do your own research as well and make an informed choice. 😊\n\n## Differences from chromeos/static-site-scaffold-modules/modules/eleventy-plugin-safe-external-links\n\n* This is not a mono-repo. Easier to manage and release updates.\n* Ignores files where `permalink` is set to `false`.\n* Fixes an issue where the plugin would empty everything but the body of the page `content`. ([see issue with cheerio](https://github.com/cheeriojs/cheerio/issues/1031))\n* Adds `_blank` target to external links, __unless `noopener` is set to false.__\n* Adds `_blank` target to external links already carrying `noopener` rel __(ignores `noopener` option)__\n* Updated tests.\n* Updated README.\n\n## Versioning\n\nI intend to keep this up to date with the original repo as best as I can. The patch and minor fields from the source repo would be combined - `0.1.4` would change to `0.14.0`. The patch field then would reflect my changes on top of it for that minor release - `0.14.1`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMaybeThisIsRu%2Feleventy-plugin-safe-external-links","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FMaybeThisIsRu%2Feleventy-plugin-safe-external-links","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMaybeThisIsRu%2Feleventy-plugin-safe-external-links/lists"}