From e472d538b5a9dd059db927f731a03359561f2e7a Mon Sep 17 00:00:00 2001
From: devinvaughan <arrow3513341iryna@gmail.com>
Date: Mon, 8 Dec 2025 15:58:29 +0100
Subject: [PATCH 1/2] Update ButtonWithLink.tsx

When ButtonWithLink is used with target="_blank" and no rel, the anchor did not
include rel="noopener noreferrer". This change adds a default rel for _blank
links to prevent tab-nabbing while still respecting any explicit rel passed in.
---
 apps/web/src/components/Button/ButtonWithLink.tsx | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/apps/web/src/components/Button/ButtonWithLink.tsx b/apps/web/src/components/Button/ButtonWithLink.tsx
index 2742905073e..f7336e145c6 100644
--- a/apps/web/src/components/Button/ButtonWithLink.tsx
+++ b/apps/web/src/components/Button/ButtonWithLink.tsx
@@ -29,11 +29,16 @@ export function ButtonWithLink({
 
   ...buttonProps
 }: ButtonWithLinkProps) {
+  // If the link opens in a new tab and no rel is specified,
+  // default to "noopener noreferrer" to prevent tab-nabbing.
+  const computedRel =
+    rel ?? (target === '_blank' ? 'noopener noreferrer' : undefined);
+
   return (
     <Link
       href={href}
       target={target}
-      rel={rel}
+      rel={computedRel}
       className={`${linkClassNames}${disabled ? ' pointer-events-none' : ''}`}
       {...linkProps}
     >
@@ -52,3 +57,4 @@ export function ButtonWithLink({
     </Link>
   );
 }
+

From acc5b74f689baa6c2e944fb0631fa6e26f9e4a3b Mon Sep 17 00:00:00 2001
From: devinvaughan <arrow3513341iryna@gmail.com>
Date: Mon, 8 Dec 2025 16:03:49 +0100
Subject: [PATCH 2/2] Update ButtonWithLink.tsx

---
 apps/web/src/components/Button/ButtonWithLink.tsx | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/apps/web/src/components/Button/ButtonWithLink.tsx b/apps/web/src/components/Button/ButtonWithLink.tsx
index f7336e145c6..9f3fed22d16 100644
--- a/apps/web/src/components/Button/ButtonWithLink.tsx
+++ b/apps/web/src/components/Button/ButtonWithLink.tsx
@@ -29,10 +29,10 @@ export function ButtonWithLink({
 
   ...buttonProps
 }: ButtonWithLinkProps) {
-  // If the link opens in a new tab and no rel is specified,
-  // default to "noopener noreferrer" to prevent tab-nabbing.
-  const computedRel =
-    rel ?? (target === '_blank' ? 'noopener noreferrer' : undefined);
+// If the link opens in a new tab and no rel is specified,
+// default to "noopener noreferrer" to prevent tab-nabbing.
+const computedRel =
+  rel ?? (target === '_blank' ? 'noopener noreferrer' : undefined);
 
   return (
     <Link