From c07f0a0d8632adac4e739b4e265104ae1082b581 Mon Sep 17 00:00:00 2001 From: raamas Date: Mon, 2 Mar 2026 08:24:03 -0500 Subject: [PATCH] docs: add Content Security Policy (CSP) documentation --- .../docs/{06-runtime/06-csp.md => 07-misc/08-csp.md} | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) rename documentation/docs/{06-runtime/06-csp.md => 07-misc/08-csp.md} (78%) diff --git a/documentation/docs/06-runtime/06-csp.md b/documentation/docs/07-misc/08-csp.md similarity index 78% rename from documentation/docs/06-runtime/06-csp.md rename to documentation/docs/07-misc/08-csp.md index d826c6007b..c6487a206a 100644 --- a/documentation/docs/06-runtime/06-csp.md +++ b/documentation/docs/07-misc/08-csp.md @@ -57,4 +57,12 @@ response.headers.set( ); ``` -We recommend using `nonce` over hash if you can, as `hash` will interfere with streaming SSR in the future. \ No newline at end of file +We recommend using `nonce` over hash if you can, as `hash` will interfere with streaming SSR in the future. + +## Trusted Types + +When using Content Security Policy (CSP) with Trusted Types enabled, Svelte supports the `svelte-trusted-html` policy. This allows you to safely handle HTML content in your templates. + +Use `trusted-types svelte-trusted-html` directive to enable Trusted Types policy for Svelte-generated HTML: + +You can also utilize `{@html policy.createHTML(html)}` to create trusted HTML strings that comply with your CSP policy
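Review bot: In the new "Trusted Types" section, the sentence "Use `trusted-types svelte-trusted-html` directive to enable Trusted Types policy for Svelte-generated HTML:" ends in a colon but nothing follows it. Please add the header example it announces, in the same `response.headers.set(...)` form used earlier in the file, and say whether `require-trusted-types-for 'script'` is also needed for enforcement. The last added line uses `{@html policy.createHTML(html)}` without showing where `policy` comes from; a reader cannot tell whether it is the `svelte-trusted-html` policy or one they must create and list in the `trusted-types` directive themselves. "Safely handle HTML content" should be qualified: the text never says the policy sanitizes its input, so state explicitly that `createHTML` must sanitize, or that `{@html}` content still has to be trusted. Smaller points: the final sentence lacks a period, "Use `trusted-types ...` directive" needs an article, and the subject line "add Content Security Policy (CSP) documentation" does not mention that the file moves from `06-runtime/06-csp.md` to `07-misc/08-csp.md`, which will change its URL; note the rename in the commit message and check for inbound links.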