-
Internal No Response
-
Internal Client Error (4XX)
-
Internal Server Error (5XX)
-
Internal Redirect Loop
-
Internal Blocked by Robots.txt
-
Internal Blocked Resource
-
Internal Redirect Chain
-
External Blocked Resource
-
Internal Redirection (3XX)
-
Internal Redirection (Meta Refresh)
-
Internal Redirection (JavaScript)
-
External No Response
-
External Client Error (4XX)
-
External Server Error (5XX)
-
HTTP URLs
-
Mixed Content
-
Form URL Insecure
-
Form On HTTP URL
-
Missing HSTS Header
-
Unsafe Cross Origin Links
-
Protocol-Relative Resource Links
-
Missing Content-Security-Policy Header
-
Missing X-Content-Type-Options Header
-
Missing X-Frames-Options Header
-
Missing Secure Referrer-Policy Header
-
Bad Content Type
-
Noindex Only in Original HTML
-
Nofollow Only in Original HTML
-
Canonical Mismatch
-
Uses Old AJAX Crawling Scheme URLs
-
Uses Old AJAX Crawling Scheme Meta Fragment Tag
-
Pages with Blocked Resources
-
Contains JavaScript Links
-
Contains JavaScript Content
-
Page Title Only in Rendered HTML
-
Page Title Updated by JavaScript
-
Meta Description Only in Rendered HTML
-
Meta Description Updated by JavaScript
-
H1 Only in Rendered HTML
-
H1 Updated by JavaScript
-
Canonical Only in Rendered HTML
-
Pages With JavaScript Errors
-
Outlinks To Localhost
-
Pages Without Internal Outlinks
-
Non-Indexable Page Inlinks Only
-
Internal Nofollow Outlinks
-
Pages With High External Outlinks
-
Pages With High Internal Outlinks
-
Follow & Nofollow Internal Inlinks To Page
-
Internal Nofollow Inlinks Only
-
Pages With High Crawl Depth
-
Internal Outlinks With No Anchor Text
-
Non-Descriptive Anchor Text In Internal Outlinks
-
Non-200 Response
-
Missing Non-AMP Return Link
-
Missing Canonical to Non-AMP
-
Non-Indexable Canonical
-
Missing <html amp> Tag
-
Missing/Invalid Doctype HTML Tag
-
Missing Head Tag
-
Missing Body Tag
-
Missing Canonical
-
Missing/Invalid Meta Charset Tag
-
Missing/Invalid Meta Viewport Tag
-
Missing/Invalid AMP Script
-
Missing/Invalid AMP Boilerplate
-
Contains Disallowed HTML
-
Other Validation Errors
-
Indexable
-
Eliminate Render-Blocking Resources
-
Properly Size Images
-
Defer Offscreen Images
-
Minify CSS
-
Minify JavaScript
-
Reduce Unused CSS
-
Reduce Unused JavaScript
-
Efficiently Encode Images
-
Serve Images in Next-Gen Formats
-
Enable Text Compression
-
Preconnect to Required Origin
-
Reduce Server Response Times (TTFB)
-
Preload Key Requests
-
Reduce JavaScript Execution Time
-
Serve Static Assets With An Efficient Cache Policy
-
Minimize Main-Thread Work
-
Image Elements Do Not Have Explicit Width & Height
-
Avoid Large Layout Shifts
-
Avoid Serving Legacy JavaScript to Modern Browsers
-
Avoid Multiple Page Redirects
-
Use Video Format for Animated Images
-
Avoid Excessive DOM Size
-
Ensure Text Remains Visible During Webfont Load
Unsafe Cross Origin Links
URLs that link to external websites using the target=”_blank” attribute (to open in a new tab), without using rel=”noopener” (or rel=”noreferrer”) at the same time.
Using target=”_blank” alone leaves those pages exposed to both security and performance issues for some legacy browsers, which are estimated to be below 5% of market share.
Setting target=”_blank” on <a> elements implicitly provides the same rel behaviour as setting rel=”noopener” which does not set window.opener for most modern browsers, such as Chrome, Safari, Firefox and Edge.
How to Analyse in the SEO Spider
Use the ‘Security’ tab and ‘Unsafe Cross-Origin Links’ filter to view these URLs.
The external links that contain the target=”_blank” attribute by itself can be viewed in the ‘Outlinks’ tab and ‘target’ column.
They can be exported alongside the pages they are linked from via ‘Bulk Export > Security > Unsafe Cross-Origin Links’.
What Triggers This Issue
This issue is triggered when a URL contains links to external websites using the target=”_blank” attribute (to open in a new tab), without using rel=”noopener” (or rel=”noreferrer”) at the same time.
For example:
<a href="https://www.screamingfrog.co.uk" target="_blank">Screaming Frog</a>
How To Fix
Consider the benefits of including rel=”noopener” link attribute on any links that contain the target=”_blank” attribute to avoid security and performance issues for the users of legacy browsers that may visit the website.
Further Reading
- Links to cross-origin destinations are unsafe - From Chrome for Developers
