### One-sentence description <!-- What breaks --> Always set `rel="noopener"` with `target = "_blank"` for external domains. ### Why <!-- Please write what is happening and how we could reproduce it, if relevant --> <!-- 1. Step 1 2. Step 2 3. ??? 4. Breakage --> Using `target="_blank"` without `rel="noopener"` for external domains is a security vulnerability. * [source](https://www.tutorialdocs.com/article/html-opener-blank.html) * [source](https://developers.google.com/web/tools/lighthouse/audits/noopener) ### Expected behaviour <!-- Please write how what happened did not meet your expectations --> `a` tags containing `target="_blank"` should also contain `rel="noopener noreferrer nofollow"`.