Add or modify rule for no target="_blank" to include form elements

[jmarthernandez]

      <form
        method="POST"
        action={url}
        target="_blank"
      >
          <formStuff />
      </form>

I could be wrong but isn't a form post open to the same vulnerabilities as a with target="_blank". The current implementation doesn't flag this.

[ljharb]

Yes, that's a fair point.

[jmarthernandez]

Would it make sense to add to the current rule or add a new one? I could help out with that

[ljharb]

I think an option added to the current rule would be great; we could default it to false for now and true in a later semver-major PR.