HTMLElement.nonce

This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The nonce property of the HTMLElement interface returns the cryptographic number used once that is used by Content Security Policy to determine whether a given fetch will be allowed to proceed.

In later implementations, elements that have a nonce attribute only expose it to scripts (and not to side-channels like CSS attribute selectors). 

Syntax

var nonce = HTMLElement.nonce
HTMLElement.nonce = nonce

Value

A cryptographic nonce.

Specifications

Specification Status Comment
HTML Living Standard
The definition of 'nonce' in that specification.
Living Standard Initial definition.

Browser Compatibility

Update compatibility data on GitHub
DesktopMobile
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidEdge MobileFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
Basic supportChrome Full support 61Edge No support NoFirefox No support NoIE No support NoOpera ? Safari ? WebView Android Full support 61Chrome Android Full support 61Edge Mobile No support NoFirefox Android No support NoOpera Android ? Safari iOS ? Samsung Internet Android ?

Legend

Full support  
Full support
No support  
No support
Compatibility unknown  
Compatibility unknown

Document Tags and Contributors

Contributors to this page: fscholz, complicationlamp, jpmedley
Last updated by: fscholz,