You are here

W3C Trusted Types Spec WIP API

This W3C API is a Trusted Types Specification that is compilation time analysis for code that ensures only certain types can be used with various DOM APIs, and used as DOM-based XSS sinks. It provides a way for combating DOM-based XSS attacks by relying on a set of typed objects instead of strings to represent HTML snippets, URLs and more. The World Wide Web Consortium develops interoperable technologies that includes specifications, guidelines, software, tools and more.