#18685: fix(ui): prevent tabnabbing in chat images

## Summary - Problem: opening chat images with `window.open` allows tabnabbing via `window.opener`. - Why it matters: an external tab can redirect or manipulate the original app (phishing). - What changed: use `noopener,noreferrer` and force `opener = null`. - What did NOT change (scope boundary): no changes to image rendering or loading. ## Change Type (select all) - [x] Bug fix - [ ] Feature - [ ] Refactor - [ ] Docs - [x] Security hardening - [ ] Chore/infra ## Scope (select all touched areas) - [ ] Gateway / orchestration - [ ] Skills / tool execution - [ ] Auth / tokens - [ ] Memory / storage - [ ] Integrations - [ ] API / contracts - [x] UI / DX - [ ] CI/CD / infra ## Linked Issue/PR - Closes # - Related # ## User-visible / Behavior Changes - Opening chat images now opens a new tab without access to `window.opener`. ## Security Impact (required) - New permissions/capabilities? (`No`) - Secrets/tokens handling changed? (`No`) - New/changed network calls? (`No`) - Command/tool execution surface changed? (`No`) - Data access scope changed? (`No`) - If any `Yes`, explain risk + mitigation: ## Repro + Verification ### Environment - OS: Windows 10 - Runtime/container: N/A - Model/provider: N/A - Integration/channel (if any): N/A - Relevant config (redacted): N/A ### Steps 1. Open a chat image. 2. Verify the opened tab has no access to `window.opener`. ### Expected - `window.opener` is `null` in the opened tab. ### Actual - `window.opener` is `null` in the opened tab. ## Evidence Attach at least one: - [ ] Failing test/log before + passing after - [ ] Trace/log snippets - [ ] Screenshot/recording - [ ] Perf numbers (if relevant) ## Human Verification (required) - Verified scenarios: clicking a chat image opens a new tab without `opener`. - Edge cases checked: N/A - What you did **not** verify: other browsers. ## Compatibility / Migration - Backward compatible? (`Yes`) - Config/env changes? (`No`) - Migration needed? (`No`) - If yes, exact upgrade steps: ## Failure Recovery (if this breaks) - How to disable/revert this change quickly: revert commit. - Files/config to restore: `ui/src/ui/chat/grouped-render.ts` - Known bad symptoms reviewers should watch for: N/A ## Risks and Mitigations - Risk: None. - Mitigation: N/A <!-- greptile_comment --> <h3>Greptile Summary</h3> Adds tabnabbing protection to the chat image click handler in `grouped-render.ts`. The previous `window.open(url, "_blank")` call gave the opened tab access to `window.opener`, which could be exploited for phishing by redirecting or manipulating the original app tab. The fix passes `noopener,noreferrer` as window features and adds a fallback `opener = null` assignment for defense-in-depth in older browsers. - Extracts image-open logic into a dedicated `openImage` helper with security hardening - No functional or rendering changes; only the security posture of the new-tab open is affected - The change is minimal, scoped, and follows standard browser security best practices <h3>Confidence Score: 5/5</h3> - This PR is safe to merge — it applies a standard, well-understood browser security pattern with no behavioral side effects. - The change is a single-file, minimal security hardening that adds `noopener,noreferrer` to a `window.open` call. It introduces no new logic, no new dependencies, and no behavioral changes beyond removing the opener reference. The pattern is standard and widely recommended by OWASP and browser security guidelines. - No files require special attention. _{Last reviewed commit: 4ee26ff} <!-- greptile_other_comments_section --> _{(3/5) Reply to the agent's comments like "Can you suggest a fix for this @greptileai?" or ask follow-up questions!} <!-- /greptile_comment -->