This article is in need of a technical review.

The JSSecurityCallbacks.contentSecurityPolicyAllows callback is called when a script attempts to access an object property. The callback can deny the script access to the property.

JSCheckAccessOp is the type of the callback. (It is also the type of the callback set by JS_SetCheckObjectAccessCallback.)


typedef JSBool (*JSCSPEvalChecker)(JSContext *cx);
Name Type Description
cx JSContext * The JS context in which the property access attempt is occurring.


Check whether runtime code generation is allowed for the current global.

JSSecurityCallbacks.contentSecurityPolicyAllows is invoked once per global object upon the first attempt to evaluate JS code from a string (either through eval or the Function constructor).

Document Tags and Contributors

 Contributors to this page: fscholz, kscarfone, tschneidereit
 Last updated by: fscholz,