← All tools

trusted-types

https://w3c.github.io/trusted-types/dist/spec/

Free

Categories

Web Application

Description

A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.

Keywords

dom javascript polyfill security trusted-types w3c xss

Example Usage

<!-- API only -->
<script src="https://w3c.github.io/trusted-types/dist/es5/trustedtypes.api_only.build.js"></script>
<script>
     const p = trustedTypes.createPolicy('foo', ...)
     document.body.innerHTML = p.createHTML('foo'); // works
     document.body.innerHTML = 'foo'; // but this one works too (no enforcement).
</script>

See also

xurlfind3r

Open Source

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It w…

Corsy

Open Source

Lightweight program to find all known misconfigurations in CORS (Cross-Origin Resource Sharing) impl…

OWASP ZAP

Open Source Kali

OWASP's Zed Attack Proxy — one of the world's most popular free web application security scanners. F…

ssrf-exploit

Open Source Kali

an exploit of Server-side request forgery (SSRF)…

cazador_unr

Free

[scanner] [TcpListener] [FileMiner] [Subscrabber]…

Joomscan

Open Source Kali

OWASP Joomla vulnerability scanner. Detects Joomla version, components, modules, and templates with …