A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
-
Updated
Jul 15, 2026 - JavaScript
A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
Injects a trusted types policy into an HTML page to log all DOM sinks whenever HTML is written into the DOM.
A Symfony bundle providing web security features in the form of COOP, COEP, Fetch Metadata and Trusted types
Chrome DevTools extension for accelerating Trusted Types adoption with real-time CSP violation monitoring, sink analysis, policy generation, and developer-focused DOM XSS remediation workflows.
A test suite to find what APIs are covered by Trusted Types
Demo website showcasing Trusted Types for CSP
Small example with few endpoints used to test AdGuard AdBlocker compatibility with trusted types headers.
Demonstração prática do uso da API Trusted Types (CSP Level 3) e DOMPurify para evitar vulnerabilidades de Cross-Site Scripting (XSS) ao atribuir código inseguro ao DOM (ex: innerHTML).
A comprehensive, free technical reference for Subresource Integrity (SRI) and web supply-chain hardening — hash generation, CDN trust mapping, CSP & Trusted Types, SBOMs, dependency provenance, and vulnerability triage.
Portal seguro com autenticação biométrica WebAuthn,implementando Content Security Policy, Trusted Types e auditoria completa para proteção contra ameaças modernas.
A polyfill for the Trusted Types API
Universal Markdown Exporter userscript with full development artifacts, examples, captures, and Greasy Fork history.
Add a description, image, and links to the trusted-types topic page so that developers can more easily learn about it.
To associate your repository with the trusted-types topic, visit your repo's landing page and select "manage topics."