data0

Some really nice things arrived in #browser land in February 2026 (i.e. "Baseline Newly available"):

Trusted Types API (prevent DOM-based cross-site scripting):
https://web.dev/articles/trusted-types

`Map.prototype.getOrInsert()`:
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Map/getOrInsert

Zstandard compression (only server-side via `Content-Encoding` for now it seems, so no support in #JavaScript `CompressionStream` / `DecompressionStream` yet):
https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Content-Encoding

#webdev #xss

Prevent DOM-based cross-site scripting vulnerabilities with Trusted Types  |  Articles  |  web.dev

Introducing Trusted Types: a browser API to prevent DOM-based cross-site scripting in modern web applications.

web.dev
Apr 13 at 3:23pmWeb