Untrusted Types for DevTools is a developer tools chrome extension. it's a free extension , it has 1,000+ active users since released its first version, it earns an average rating of 5.00 from 3 rated user, last update is 928 days ago.
Discover and test inputs passed into sinks that could lead to DOM XSS vulnerabilities. A sink is a code pattern that could run arbitrary JavaScript code if the input is malicious, for example: innerHTML, eval, document.write. This extension adds a panel to DevTools where you can see/filter the sink logs and customize settings. Keywords (by default: "d0mxss") that are found to be passed in a sink will be highlighted in the extension and in console. You can then find the stack trace of a specific log: 1. Click to copy the ID, 2. Open Console>Filter and paste the ID, 3. Now you can inspect the stack trace. Click on the function name to open it in the Sources tab.
You could download the latest version crx file or older version files and install it.
English.
100% user give 5-star rating. Read reviews of untrusted types for devtools
You could find more help information from untrusted types for devtools support page.
You could send emails to publisher, or check publisher's website.
More about manifest_file of untrusted types for devtools.
You could click to report abuse of untrusted types for devtools.
fantastic tool! helps me display the xss dom sink in devtools console! Thanks