trusted-types icon indicating copy to clipboard operation
trusted-types copied to clipboard

Published 20 hours ago verified publisher icon w3c

Should the default policy be invoked when trusted types are not required?

Open mbrodesser-Igalia opened this issue 7 months ago • 4 comments

https://w3c.github.io/trusted-types/dist/spec/#get-trusted-type-compliant-string-algorithm step 3 returns if no trusted types are required.

That section is normative. The non-normative section about the default policy (https://w3c.github.io/trusted-types/dist/spec/#default-policy-hdr) doesn't mention that aspect.

It seems more intuitive to invoke the default policy.

mbrodesser-Igalia avatar Jul 15 '24 09:07 mbrodesser-Igalia