Developer-centric research results about Trusted Types #471
Comments
|
Thank you for posting this, this is very interesting! I'm interested in the follow-up. |
|
Same here, I'm interested! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Recently, we have conducted a study regarding development strategies and roadblocks of trusted types deployment for Web Developers which is going to be presented/published in August 2024 (Preprint: https://swag.cispa.saarland/papers/roth2024tt.pdf).
Among others, our research identified problems such as the inheritance of Trusted Types to sourceless Iframes. But we also shed light on the possible need for improvements regarding usability, e.g., the available HTML sanitizers removing all occurrences of JavaScript.
We hope that by posting the paper here, we can contribute a different perspective to the discussion. In a followup work we plan to include multiple perspectives into the design of Trusted Types. Our idea is to actively invite real-world Web developers, security experts, browser vendors, and Web security researchers such that we can find ways to mitigate or eradicate the roadblocks of Trusted Types together. So if you are interested drop us a message.
The text was updated successfully, but these errors were encountered: