-
### Affected Packages
core
### Version(s)
2.7.2
### Bug Description
Setting [required-trusted-types-for](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/require-…
-
### Is your feature request related to a problem? Please describe.
The module seemingly does not support the [require-trusted-types-for](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cont…
-
### Bug description
I'm trying to use a CSP rule with trusted-types and I have an error that I'm not able to fix with angular-fontawesome.
angular-fontawesome should support for the Trusted Types …
-
See e.g. https://jsfiddle.net/fhrpo2zj/2/.
The spec covers this, since "type" in [1] may be "form-submission" and [2] is fully exercised for that type.
CC @lukewarlow, @otherdaniel
[1] https…
-
Step 4 of [1]. It's passed a synthetic request from step 5 of [2].
CC @otherdaniel, @evilpie, @lukewarlow
[1] https://w3c.github.io/trusted-types/dist/spec/#require-trusted-types-for-pre-naviga…
-
https://w3c.github.io/trusted-types/dist/spec/#get-trusted-type-compliant-string-algorithm step 3 returns if no trusted types are required.
That section is normative. The non-normative section abou…
-
## What
[Trusted Types](https://web.dev/articles/trusted-types) are a relatively new browser feature designed to the DOM XSS attack surface of a website or web app. They are enforced by setting [ne…
-
It would be nice to have handling for: the ~~[`trusted-types`](https://w3c.github.io/webappsec-trusted-types/dist/spec/#trusted-types-csp-directive)~~ [`trusted-types`](https://www.w3.org/TR/trusted-t…
-
E.g. from https://html.spec.whatwg.org/#the-insertadjacenthtml()-method.
"Get Trusted Type compliant string" [1] invokes "Should sink type mismatch violation be blocked by Content Security Policy?…
-
TC39 recently discussed Array.isTemplateObject, a feature to enable TT to allow literal HTML/JS strings. See the notes at https://github.com/tc39/notes/blob/main/meetings/2024-04/april-10.md#arrayiste…