Currently the DOM spec, and both WebKit and Chromium, have special casing in DOM APIs such as node.replaceChildren for script elements, such that if you try and replace the children with a string or a Text node it would cause a Trusted Types violation.
This was specced in DOM to match the Chromium implementation, but was never originally specified in the TT spec.
It's just struck me that this code might be entirely pointless?
Even if you use Trusted Types for these APIs they won't set the script element's internal slot to actually allow execution. You can also trivially "bypass" them by calling appendChild(new Text(''))?
So my question is, why are these implemented in Chromium? Is there something I'm missing or can we drop them from the spec and implementations?