Learn how to mitigate client-side XSS and
help us test Trusted Types
The modern Web shifts more and more towards the client side, making client-side XSS more prominent. Trusted Types is a novel security mechanism, which enables a Web sites operator to enforce sanitization of input to JavaScripts APIs prone to client-side XSS.
In this study you...
Details
The study is currently running. If you are Web developer and want to participate, fill in the screening survey.
Screening Survey | ~3 min
In our Screening Survey we ask basic questions about your professional experience as well as basic demographics. Notably all data will be treated confidentially and at no point will we disclose identities of participants (neither in public nor in our research papers) nor the sites they operate.
Sign-upThe Interview | ~15 min
Throughout the interview, we will have a chat about your working environment and some Web topics. If you don’t want to answer a certain question, feel free to say it during the interview, and we’ll skip it.
The Coding Task + Debriefing | ~ 60+15 min
For the coding task, we ask you make yourself familiar with Trusted Types. You may use any resource you want; for your convenience we linked to one information source below. Our small Web application is build with common frameworks and uses common third-party features. Your task will be to deploy Trusted Types for this application. Although the backend is written in python, knowledge about this language is not needed as Trusted Types is deployed as a client-side mechanism written in JavaScript. We will tell you how the application works and answer any questions you have about the application itself. Aftwards we will finish the coding-task with a short debriefing.
Get Infos about Trusted TypesWant to learn about Trusted Types?
We are looking for Web Developers to help us improve Trusted Types. You may participate in either one, or both of the studies. Fill in our screening survey to sign-up.