Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.
require-trusted-types-for Experimental directive instructs user agents to control the data passed to DOM XSS sink functions, like
When used, those functions only accept non-spoofable, typed values created by Trusted Type policies, and reject strings. Together with
trusted-types directive, which guards creation of Trusted Type policies, this allows authors to define rules guarding writing values to the DOM and thus reducing the DOM XSS attack surface to small, isolated parts of the web application codebase, facilitating their monitoring and code review.