Skip to content

Check compliance with Trusted Types #5569

New issue
New issue
Closed
#5575
Closed
Check compliance with Trusted Types#5569
#5575
Assignees
sosnovsky
Labels
actionable
Milestone
8.5.3: Improvements for encrypted content detection and PGP/MIME messages parsing, Trusted Types compatibility
@sosnovsky

Description

@sosnovsky
sosnovsky
opened on Jan 17, 2024

Google announced that they extend Trusted Types to Gmail in mid-February - https://workspaceupdates.googleblog.com/2024/01/extending-trusted-types-to-gmail.html:

This new enforcement mode will require third-party extensions to use typed objects instead of strings when assigning values to DOM APIs. Once Trusted Types are fully enforced, the Trusted Types directive will be present in the Content Security Policy (CSP) header:
Content-Security-Policy: require-trusted-types-for 'script';report-uri https://mail.google.com/mail/cspreport

We already use DOMPurify library for DOM manipulations, but need to re-check if extension is fully complaint with Trusted Types.

Metadata

Metadata

Assignees

Labels

actionable

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions