1. Trusted Types for DOM manipulation

    An API that forces developers to be very explicit about their use of powerful DOM-injection APIs. Can greatly improve security against XSS attacks.

  2. trustedtypes api

  3. headers http header: content-security-policy: require-trusted-types-for

  4. headers http header: content-security-policy: trusted-types