anElement.innerHTML = aTrustedHTML; With Trusted Types enabled, the browser accepts a TrustedHTML object for sinks that expect HTML snippets. There are also TrustedScript and TrustedScriptURL objects for other sensitive sinks. Trusted Types significantly reduce the DOM XSS attack surface of your application. It simplifies security reviews, and lets you enforce the type-based security checks done w