This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The nonce property of the HTMLElement interface returns the cryptographic number used once that is used by Content Security Policy to determine whether a given fetch will be allowed to proceed.

In later implementations, elements that have a nonce attribute only expose it to scripts (and not to side-channels like CSS attribute selectors). 


var nonce = HTMLElement.nonce
HTMLElement.nonce = nonce


A cryptographic nonce.


Specification Status Comment
HTML Living Standard
The definition of 'nonce' in that specification.
Living Standard Initial definition.

Browser Compatibility

We're converting our compatibility data into a machine-readable JSON format. This compatibility table still uses the old format, because we haven't yet converted the data it contains. Find out how you can help!

Feature Chrome Firefox (Gecko) Internet Explorer Opera Safari (WebKit)
Basic support (Yes) ? ? ? ?
Side-channels excluded No support ? ? ? ?
Feature Android Webview Chrome for Android Firefox Mobile (Gecko) Firefox OS IE Mobile Opera Mobile Safari Mobile
Basic support (Yes) (Yes) ? ? ? ? ?
Side-channels excluded No support No support ? ? ? ? ?

Document Tags and Contributors

 Contributors to this page: complicationlamp, jpmedley
 Last updated by: complicationlamp,