starred/markdig
1
0
Fork 0
mirror of https://github.com/xoofx/markdig.git synced 2026-02-03 21:36:36 +00:00
Code Issues 690 Packages Projects Releases 20 Wiki Activity

rel='noopener' and rel='nofollow' as an additional option for links #383

New Issue
Closed
opened 2026-01-29 14:35:27 +00:00 by claunia · 1 comment
claunia commented 2026-01-29 14:35:27 +00:00
Owner
Copy Link

Originally created by @Atulin on GitHub (Jul 30, 2020).

Markdig already comes bundled with an extension – .UseNoFollowLinks() – that ensures all links have rel='nofollow' attribute. .

Meanwhile, rel='noopener' ensures that the target won't be able to access the window object of the page linking to it, which could be a security issue, and rel='noreferrer' ensures that the target page doesn't know where the visit came from. It can break analytics if used for internal links, but can be desired for user-generated content.

Proposed solution A:

Two more extensions, each adding its respective rel with .UseNoOpenerLinks() and .UseNoReferrerLinks(). It's a bit verbose and might have some impact on performance, but it's fully backwards-compatible.

Proposed solution B:

All three extensions merged into one, .UseAdvancedLinks(), possibly with something akin to the following signature:

UseAdvancedLinks(bool nofollow = false, bool noopener = false, bool noreferrer = false)

which could be used with named parameters: .UseAdvancedLinks(noreferrer: true, nofollow: true). This cuts down on the verbosity and could be a bit more performant since all three attributes could be set in a single pass, but the issue might be backwards compatibility – should .UseNoFollowLinks() be dropped – or redundancy – should it exist besides .UseNoFollowLinks().

I tried implementing it myself (you can see my attempt here), but it turned out to be a task a bit too big for me. Perhaps some bigger brain will be able to implement it in a way that actually works.

Originally created by @Atulin on GitHub (Jul 30, 2020). Markdig already comes bundled with an extension – `.UseNoFollowLinks()` – that ensures all links have `rel='nofollow'` attribute. . Meanwhile, `rel='noopener'` ensures that the target won't be able to access the window object of the page linking to it, which could be a security issue, and `rel='noreferrer'` ensures that the target page doesn't know where the visit came from. It can break analytics if used for internal links, but can be desired for user-generated content. **Proposed solution A:** Two more extensions, each adding its respective `rel` with `.UseNoOpenerLinks()` and `.UseNoReferrerLinks()`. It's a bit verbose and might have some impact on performance, but it's fully backwards-compatible. **Proposed solution B:** All three extensions merged into one, `.UseAdvancedLinks()`, possibly with something akin to the following signature: ```cs UseAdvancedLinks(bool nofollow = false, bool noopener = false, bool noreferrer = false) ``` which could be used with named parameters: `.UseAdvancedLinks(noreferrer: true, nofollow: true)`. This cuts down on the verbosity and could be a bit more performant since all three attributes could be set in a single pass, but the issue might be backwards compatibility – should `.UseNoFollowLinks()` be dropped – or redundancy – should it exist besides `.UseNoFollowLinks()`. I tried implementing it myself ([you can see my attempt here](https://github.com/Atulin/Markdig-Extensions)), but it turned out to be a task a bit too big for me. Perhaps some bigger brain will be able to implement it in a way that actually works.
claunia added the enhancementPR Welcome! labels 2026-01-29 14:35:27 +00:00
claunia commented 2026-01-29 14:35:29 +00:00
Author
Owner
Copy Link

@xoofx commented on GitHub (Jul 30, 2020):

Maybe an extension with UseReferalLinks(params string[] names) that you can use directly with UseReferalLinks("nofollow") while we would keep only UseNoFollowLinks() using internally the use UseReferalLinks.
I'm not in favor of the boolean approach, nor I think that an enum would be nice, as there are also several other possible values so keeping it simple should cover all future usecases.

Modifying the existing NoFollowLinks extension should not be complicated to turn it into a ReferalLinksExtension.

@xoofx commented on GitHub (Jul 30, 2020): Maybe an extension with `UseReferalLinks(params string[] names)` that you can use directly with `UseReferalLinks("nofollow")` while we would keep only `UseNoFollowLinks()` using internally the use `UseReferalLinks`. I'm not in favor of the boolean approach, nor I think that an enum would be nice, as there are also several [other possible values](https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/rel) so keeping it simple should cover all future usecases. Modifying the existing `NoFollowLinks` extension should not be complicated to turn it into a `ReferalLinksExtension`.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
documentation
enhancement
extension
Hacktoberfest
invalid
PR Welcome!
pull-request
Mirrored from GitHub Pull Request
 question
wontfix
No Label enhancement PR Welcome!
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
claunia
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/markdig#383
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?