Researcher demos trick to beat Trusted Types protection in Google Chrome


An essential tool for protecting websites from DOM-based cross-site scripting assaults is Trusted Types, which enables them to provide tight guidelines for how to handle specific DOM properties.

Kinugawa discovered that Trusted Types would not shield a site from DOM XSS if it used these characteristics. According to a message on a Chrome security mailing list, if a site changed an existing attribute value using nodeValue/textContent, Trusted Types would completely disregard the assignment. Read More…