The emptyScript read-only property of the TrustedTypePolicyFactory interface returns a TrustedScript object containing an empty string.

This object can be used when the application requires an empty string to be inserted into an injection sink which is expecting a TrustedScript object.


var emptyScript = TrustedTypePolicyFactory.emptyScript;


A TrustedScript object.


The specification explains that the emptyScript object can be used to detect support for dynamic code compilation.

Native Trusted Types implementations can support eval(TrustedScript), therefore in the below example a native implementation will return false for eval(trustedTypes.emptyScript). A polyfill will return a truthy object.

const supportsTS = !eval(trustedTypes.emptyScript);
eval(supportsTS ? myTrustedScriptObj : myTrustedScriptObj.toString());


Specification Status Comment
Trusted Types
The definition of 'TrustedTypePolicyFactory.emptyScript' in that specification.
Editor's Draft Initial definition.

Browser compatibility

BCD tables only load in the browser