Intent to Prototype: Trusted Types spec alignment

Daniel Vogelheim

May 13, 2024, 12:21:00 PM
to blink-dev

Contact emails

voge...@chromium.org

Specification

https://html.spec.whatwg.org/#:~:text=Trusted%20Types

Summary

Trusted Types was implemented and launched in Chromium in 2019, and has since found use in numerous websites. It has recently gained interest from other browser vendors. The Trusted Types spec was co-written as a "monkey patch" spec along with our original implementation. It now receives fresh attention as others are trying to implement the same spec, and we are trying to integrate the spec into HTML. As part of that process various inconsistencies are being identified and fixed. Some of these fixes may be developer observable. This intent is to update our implementation to match the spec, as it's upstreamed into HTML.


Blink component

Blink>SecurityFeature>TrustedTypes

Motivation

The Trusted Types spec is being upstreamed into HTML. Our implementation should follow the updated spec to ensure cross-browser compatibility.

- Spec: https://w3c.github.io/trusted-types/dist/spec/
- PRs against HTML: https://github.com/whatwg/html/pulls?q=is%3Apr+%22Trusted+Types%22+author%3Alukewarlow+
- The TT-related changes to HTML are not confined to a single section, so the spec link above is a little arbitrary.


Risks

Interoperability and Compatibility

The goal is to achieve full cross-browser interoperability. Some changes may affect backwards compatibility with our current implementation. For example, the change https://github.com/w3c/trusted-types/pull/498 is chiefly about the spec mechanism, but may change _when_ the Trusted Types checks are run. This could be developer observable, e.g. when a method has multiple reasons to throw an error then the order of checks defines which exception is thrown.


Gecko: Positive (https://github.com/mozilla/standards-positions/issues/20)

WebKit: No signal (https://github.com/WebKit/standards-positions/issues/186) Implementation work seems to be ongoing: https://github.com/WebKit/WebKit/pulls?q=is%3Apr+%22trusted+types%22

Web developers: Positive

Other signals:

WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

None



Debuggability

None


Is this feature fully tested by web-platform-tests?

Yes

https://wpt.fyi/results/trusted-types/


Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5163792014245888

This intent message was generated by Chrome Platform Status.