<a target="_blank"> has implicit noopener as per spec.

kiding · kiding · commit 517d127ad14c · 2021-02-10T17:17:53.000+09:00
See: whatwg/html#4330 Removed the wordings that could imply the behavior is vendor-specific. Added links to Browser compatibility for easy reference.
diff --git a/files/en-us/web/api/window/opener/index.html b/files/en-us/web/api/window/opener/index.html
@@ -47,7 +47,7 @@ <h3 id="Value">Value</h3>
     <code>{{htmlattrxref("rel", "a")}}=noopener</code> on a link, or passing
     <code>noopener</code> in the {{domxref("Window.open", "windowFeatures")}} parameter.
   </li>
-  <li>From Firefox 79, windows opened because of links with a {{htmlattrxref("target",
+  <li>Windows opened because of links with a {{htmlattrxref("target",
     "a")}} of <code>_blank</code> don't get an <code>opener</code>, unless explicitly
     requested with <code>{{htmlattrxref("rel", "a")}}=opener</code>.</li>
   <li>Having a {{HTTPHeader("Cross-Origin-Opener-Policy")}} header with a value of
diff --git a/files/en-us/web/html/element/a/index.html b/files/en-us/web/html/element/a/index.html
@@ -94,7 +94,7 @@ <h2 id="Attributes">Attributes</h2>
  </div>
 
  <div class="note">
- <p><strong>Note:</strong> In newer browser versions (e.g. Firefox 79+) setting <code>target="_blank"</code> on <code>&lt;a&gt;</code> elements implicitly provides the same <code>rel</code> behavior as setting <code>rel="noopener"</code>.</p>
+ <p><strong>Note:</strong> Setting <code>target="_blank"</code> on <code>&lt;a&gt;</code> elements implicitly provides the same <code>rel</code> behavior as setting <code>rel="noopener"</code>. See <a href="#Browser_compatibility">browser compatibility</a> for support status.</p>
  </div>
  </dd>
  <dt id="type">{{HTMLAttrDef("type")}}</dt>
@@ -319,7 +319,7 @@ <h2 id="Security_and_privacy">Security and privacy</h2>
 
 <p><code>&lt;a&gt;</code> elements can have consequences for users’ security and privacy. See <a href="/en-US/docs/Web/Security/Referer_header:_privacy_and_security_concerns"><code>Referer</code> header: privacy and security concerns</a> for information.</p>
 
-<p>Using <code>target="_blank"</code> without <code>rel="noreferrer"</code> and <code>rel="noopener"</code> makes the website vulnerable to {{domxref("window.opener")}} API exploitation attacks (<a href="https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/">vulnerability description</a>), although note that, in newer browser versions (e.g. Firefox 79+) setting <code>target="_blank"</code> implicitly provides the same protection as setting <code>rel="noopener"</code>.</p>
+<p>Using <code>target="_blank"</code> without <code>rel="noreferrer"</code> and <code>rel="noopener"</code> makes the website vulnerable to {{domxref("window.opener")}} API exploitation attacks (<a href="https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/">vulnerability description</a>), although note that, in newer browser versions setting <code>target="_blank"</code> implicitly provides the same protection as setting <code>rel="noopener"</code>. See <a href="#browser_compatibility">browser compatibility</a> for details.</p>
 
 <h2 id="Accessibility">Accessibility</h2>
 
