Trusted Types for DOM manipulation (original) (raw)

Trusted Types for DOM manipulation

- UNOFF

An API that forces developers to be very explicit about their use of powerful DOM-injection APIs. Can greatly improve security against XSS attacks.

Chrome

1. ❌ 4 - 81: Not supported
2. ✅ 83 - 148: Supported
3. ✅ 149: Supported
4. ✅ 150 - 152: Supported

Edge

1. ❌ 12 - 81: Not supported
2. ✅ 83 - 148: Supported
3. ✅ 149: Supported

Safari

1. ❌ 3.1 - 18.7: Not supported
2. ✅ 26.0 - 26.3: Supported
3. ✅ 26.4: Supported
4. ✅ 26.5 - TP: Supported

Firefox

1. ❌ 2 - 144: Not supported
2. ❌ 145 - 147: Disabled by default
3. ✅ 148 - 150: Supported
4. ✅ 151: Supported
5. ✅ 152 - 154: Supported

Opera

1. ❌ 9 - 68: Not supported
2. ✅ 69 - 127: Supported
3. ✅ 131: Supported

IE

1. ❌ 5.5 - 10: Not supported
2. ❌ 11: Not supported

Chrome for Android

1. ✅ 149: Supported

Safari on iOS

1. ❌ 3.2 - 18.7: Not supported
2. ✅ 26.0 - 26.3: Supported
3. ✅ 26.4: Supported
4. ✅ 26.5: Supported

Samsung Internet

1. ❌ 4 - 12.0: Not supported
2. ✅ 13.0 - 29: Supported
3. ✅ 30: Supported

Opera Mini

1. ❌ all: Not supported

Opera Mobile

1. ❌ 10 - 12.1: Not supported
2. ✅ 80: Supported

UC Browser for Android

1. ✅ 15.5: Supported

Android Browser

1. ❌ 2.1 - 4.4.4: Not supported
2. ✅ 149: Supported

Firefox for Android

1. ✅ 151: Supported

QQ Browser

1. ❌ 14.9: Not supported

Baidu Browser

1. ✅ 13.52: Supported

KaiOS Browser

1. ❌ 2.5: Not supported
2. ❌ 3: Not supported

Resources:

Web.dev article on using trusted types