From fdef1287bcb0910ca0d6246389284554c87424d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Raffray?=
Date: Thu, 26 Sep 2024 15:16:29 +0200
Subject: [PATCH 1/2] csp: add trusted types support

---
 src/types/headers.ts | 2 ++
 src/utils/headers.ts | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/types/headers.ts b/src/types/headers.ts
index af94b4ba..8efea7a2 100644
--- a/src/types/headers.ts
+++ b/src/types/headers.ts
@@ -86,6 +86,8 @@ export type ContentSecurityPolicyValue = {
   //'navigate-to'?: ("'self'" | "'none'" | "'unsafe-allow-redirects'" | string)[] | string | false;
   'report-uri'?: string[] | string | false;
   'report-to'?: string | false;
+  'require-trusted-types-for'?: string | false;
+  'trusted-types'?: string[] | string | false;
   'upgrade-insecure-requests'?: boolean;
 };
diff --git a/src/utils/headers.ts b/src/utils/headers.ts
index e1f6d4a3..4c0ac71d 100644
--- a/src/utils/headers.ts
+++ b/src/utils/headers.ts
@@ -112,7 +112,7 @@ export function headerObjectFromString(optionKey: OptionKey, headerValue: string
   const directives = headerValue.split(';').map(directive => directive.trim()).filter(directive => directive)
   const objectForm = {} as ContentSecurityPolicyValue
   for (const directive of directives) {
-    const [type, ...sources] = directive.split(' ').map(token => token.trim()) as [keyof ContentSecurityPolicyValue, ...any]
+    const [type, ...sources] = directive.split(' ').map(token => token.trim()) as [keyof ContentSecurityPolicyValue, ...string[]]
     if (type === 'upgrade-insecure-requests') {
       objectForm[type] = true
     } else {

From 080d90efcbe0d291f2583a1a3ea82a468eb2dc0e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Raffray?=
Date: Thu, 26 Sep 2024 15:20:21 +0200
Subject: [PATCH 2/2] update docs for trusted types

---
 docs/content/1.documentation/2.headers/1.csp.md | 2 ++
 1 file changed, 2 insertions(+)

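Review bot: `'require-trusted-types-for'` is typed as `string | false` on the first added line of the src/types/headers.ts hunk, although the directive has exactly one defined value, `'script'`, so a misspelling passes the type check and produces a header that does not actually turn on Trusted Types enforcement. The surrounding type already spells out literal keywords for other directives (compare the `'navigate-to'` context line), so the same style fits here: `'require-trusted-types-for'?: "'script'" | false;` and `'trusted-types'?: ("'none'" | "'allow-duplicates'" | string)[] | string | false;`. The `ContentSecurityPolicyValue` type starts before the hunk; the two lines are repeated verbatim in the docs snippet of PATCH 2/2 and would need the same adjustment there.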
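Review bot: The changed line in the src/utils/headers.ts hunk still leaves empty strings in `sources` whenever a directive contains a run of whitespace, because `split(' ')` yields `''` for each extra space and the per-token `trim()` does not drop them the way the `filter` on `directives` two lines above does. Splitting on whitespace removes the empty tokens and the then-redundant `trim()`: `const [type, ...sources] = directive.split(/\s+/) as [keyof ContentSecurityPolicyValue, ...string[]]`. The cast also accepts any first token as a known directive key, so an unrecognised directive name from the header string is stored silently; whether that should be rejected depends on how `objectForm` is consumed in the `else` branch, which, like the rest of `headerObjectFromString`, continues outside the hunk.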
diff --git a/docs/content/1.documentation/2.headers/1.csp.md b/docs/content/1.documentation/2.headers/1.csp.md
index 1b63ef22..191e8e80 100644
--- a/docs/content/1.documentation/2.headers/1.csp.md
+++ b/docs/content/1.documentation/2.headers/1.csp.md
@@ -77,6 +77,8 @@ contentSecurityPolicy: {
   'frame-ancestors'?: ("'self'" | "'none'" | string)[] | false;
   'report-uri'?: string[] | false;
   'report-to'?: string | false;
+  'require-trusted-types-for'?: string | false;
+  'trusted-types'?: string[] | string | false;
   'upgrade-insecure-requests'?: boolean;
 } | false
 ```