top | item 47133838

(no title)

I would absolutely love to hear your reasoning that leads to type systems being considered a "restriction of end-user computing freedoms".

For those that don't know what trusted types are: Simply put, it splits the string type in to unsanitised_string_from_user and safe_escaped_string where unsafe strings can not be used in function parameters that only take a safe string That's heavily simplifying of course, but it's the basic idea.

discuss

TeMPOraL|5 days ago

Skimming the API docs on MDN, it makes sure the site vendor gets to run filtering code over anything you'd want to inject via e.g. user script or console, securing it with CSP. I expect this to make user scripts work as well as they do on Chrome now. If there's a workaround, I'd love to hear about it.

duskdozer|5 days ago

Oh just great. The web is bad enough already, I think I'll have to go live in the woods if userscripts get kneecapped

LiamPowell|5 days ago

Worst case you just run your userscript before any policies are created, but in most cases it's not going to impact userscripts.