A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.

Injects a trusted types policy into an HTML page to log all DOM sinks whenever HTML is written into the DOM.

A Symfony bundle providing web security features in the form of COOP, COEP, Fetch Metadata and Trusted types

Chrome DevTools extension for accelerating Trusted Types adoption with real-time CSP violation monitoring, sink analysis, policy generation, and developer-focused DOM XSS remediation workflows.

A test suite to find what APIs are covered by Trusted Types

Demonstração prática do uso da API Trusted Types (CSP Level 3) e DOMPurify para evitar vulnerabilidades de Cross-Site Scripting (XSS) ao atribuir código inseguro ao DOM (ex: innerHTML).

Trusted Types Demo

Demo website showcasing Trusted Types for CSP

Small example with few endpoints used to test AdGuard AdBlocker compatibility with trusted types headers.

Local-only operator readiness tracking with deliberate constraints and integrity-verified recovery.

A polyfill for the Trusted Types API

Portal seguro com autenticação biométrica WebAuthn,implementando Content Security Policy, Trusted Types e auditoria completa para proteção contra ameaças modernas.

🔒 Implement advanced biometric authentication using WebAuthn, CSP, and Trusted Types for a secure and modern user experience.