diff --git a/library/HTMLPurifier.includes.php b/library/HTMLPurifier.includes.php
index fdb58c2d..de8d82d2 100644
--- a/library/HTMLPurifier.includes.php
+++ b/library/HTMLPurifier.includes.php
@@ -132,6 +132,7 @@ require 'HTMLPurifier/AttrTransform/Length.php';
require 'HTMLPurifier/AttrTransform/Name.php';
require 'HTMLPurifier/AttrTransform/NameSync.php';
require 'HTMLPurifier/AttrTransform/Nofollow.php';
+require 'HTMLPurifier/AttrTransform/Noreferrer.php';
require 'HTMLPurifier/AttrTransform/SafeEmbed.php';
require 'HTMLPurifier/AttrTransform/SafeObject.php';
require 'HTMLPurifier/AttrTransform/SafeParam.php';
@@ -163,6 +164,7 @@ require 'HTMLPurifier/HTMLModule/List.php';
require 'HTMLPurifier/HTMLModule/Name.php';
require 'HTMLPurifier/HTMLModule/Nofollow.php';
require 'HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
+require 'HTMLPurifier/HTMLModule/Noreferrer.php';
require 'HTMLPurifier/HTMLModule/Object.php';
require 'HTMLPurifier/HTMLModule/Presentation.php';
require 'HTMLPurifier/HTMLModule/Proprietary.php';
diff --git a/library/HTMLPurifier.safe-includes.php b/library/HTMLPurifier.safe-includes.php
index 9dea6d1e..0f1e7ebb 100644
--- a/library/HTMLPurifier.safe-includes.php
+++ b/library/HTMLPurifier.safe-includes.php
@@ -126,6 +126,7 @@ require_once $__dir . '/HTMLPurifier/AttrTransform/Length.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Name.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/NameSync.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/Nofollow.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/Noreferrer.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/SafeEmbed.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';
require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
@@ -157,6 +158,7 @@ require_once $__dir . '/HTMLPurifier/HTMLModule/List.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Name.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Nofollow.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Noreferrer.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Object.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Presentation.php';
require_once $__dir . '/HTMLPurifier/HTMLModule/Proprietary.php';
diff --git a/library/HTMLPurifier/AttrTransform/Noreferrer.php b/library/HTMLPurifier/AttrTransform/Noreferrer.php
new file mode 100644
index 00000000..e877408c
--- /dev/null
+++ b/library/HTMLPurifier/AttrTransform/Noreferrer.php
@@ -0,0 +1,42 @@
+parser = new HTMLPurifier_URIParser();
+ }
+
+ /**
+ * @param array $attr
+ * @param HTMLPurifier_Config $config
+ * @param HTMLPurifier_Context $context
+ * @return array
+ */
+ public function transform($attr, $config, $context)
+ {
+ // Nothing to do If we already have noreferrer in the rel attribute
+ if (!empty($attr['rel']) && substr($attr['rel'], 'noreferrer') !== false) {
+ return $attr;
+ }
+
+ // If _blank target attribute exists, add rel=noreferrer
+ if (!empty($attr['target']) && $attr['target'] == '_blank') {
+ $attr['rel'] = !empty($attr['rel']) ? $attr['rel'] . ' noreferrer' : 'noreferrer';
+ }
+
+ return $attr;
+ }
+}
+
diff --git a/library/HTMLPurifier/ConfigSchema/schema.ser b/library/HTMLPurifier/ConfigSchema/schema.ser
index 30785dcf..0a42627c 100644
Binary files a/library/HTMLPurifier/ConfigSchema/schema.ser and b/library/HTMLPurifier/ConfigSchema/schema.ser differ
diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.Noreferrer.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.Noreferrer.txt
new file mode 100644
index 00000000..5389ffe7
--- /dev/null
+++ b/library/HTMLPurifier/ConfigSchema/schema/HTML.Noreferrer.txt
@@ -0,0 +1,7 @@
+HTML.Noreferrer
+TYPE: bool
+VERSION: 4.3.0
+DEFAULT: FALSE
+--DESCRIPTION--
+If enabled, noreferrer rel attributes are added to all outgoing links.
+--# vim: et sw=4 sts=4
diff --git a/library/HTMLPurifier/HTMLModule/Noreferrer.php b/library/HTMLPurifier/HTMLModule/Noreferrer.php
new file mode 100644
index 00000000..3f9a76e1
--- /dev/null
+++ b/library/HTMLPurifier/HTMLModule/Noreferrer.php
@@ -0,0 +1,21 @@
+addBlankElement('a');
+ $a->attr_transform_post[] = new HTMLPurifier_AttrTransform_Noreferrer();
+ }
+}
\ No newline at end of file
diff --git a/library/HTMLPurifier/HTMLModuleManager.php b/library/HTMLPurifier/HTMLModuleManager.php
index f3a17cb0..44406688 100644
--- a/library/HTMLPurifier/HTMLModuleManager.php
+++ b/library/HTMLPurifier/HTMLModuleManager.php
@@ -268,6 +268,9 @@ class HTMLPurifier_HTMLModuleManager
if ($config->get('HTML.Nofollow')) {
$modules[] = 'Nofollow';
}
+ if ($config->get('HTML.Noreferrer')) {
+ $modules[] = 'Noreferrer';
+ }
if ($config->get('HTML.TargetBlank')) {
$modules[] = 'TargetBlank';
}