Contact emailsvogelh...@chromium.org Specificationhttps://w3c.github.io/trusted-types/dist/spec/#trusted-html
Summary Add a function to each "Trusted Type" to create an instance from a JavaScript template literal (but not from a dynamically computed string). This makes it easy to mark literals in the JavaScript source text as "trusted". Example: const html = TrustedHTML.fromLiteral`<p>Literal Text</p>`; Blink componentBlink>SecurityFeature>TrustedTypes <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3ESecurityFeature%3ETrustedTypes> TAG reviewn/a TAG review statusNot applicable Risks Interoperability and Compatibility *Gecko*: No signal. (Gecko has not implemented Trusted Types.) *WebKit*: No signal. (WebKit has not implemented Trusted Types.) *Web developers*: Positive (https://github.com/w3c/trusted-types/issues/347) *Other signals*: WebView application risks Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications? No. Debuggability It's a new method. Its use can be readily debugged in DevTools. Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?Yes Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> ?Yes Flag nameTrustedTypesFromLiteral Requires code in //chrome?False Tracking bughttps://bugs.chromium.org/p/chromium/issues/detail?id=1271149 Estimated milestones 108 Anticipated spec changes Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way). Link to entry on the Chrome Platform Status https://chromestatus.com/feature/6551852775112704 -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALG6KPMW%2BtvbM8eAxv5HJC0JW192EWSX_VmE7Yugta5Z5G-nXg%40mail.gmail.com.
