TrustedTypePolicyFactory: isScript() method

Limited availability

This feature is not Baseline because it does not work in some of the most widely-used browsers.

Note: This feature is available in Web Workers.

The isScript() method of the TrustedTypePolicyFactory interface returns true if it is passed a valid TrustedScript object.

Note: The purpose of the functions isScript(), isHTML(), and isScriptURL() is to check if the object is a valid TrustedType object, created by a configured policy.

Syntax

js
isScript(value)

Parameters

value

A TrustedScript object.

Return value

A boolean that is true if the object is a valid TrustedScript object.

Examples

In the below example the constant url was created by a policy, and therefore isScriptURL() returns true. The second example is an attempt to fake an object, and the third is a string. Both of these will return false when passed to isScriptURL().

js
const myScript = policy.createScript("eval('2 + 2')");
console.log(trustedTypes.isScript(myScript)); // true;

const fake = Object.create(TrustedScript.prototype);
console.log(trustedTypes.isScript(fake)); // false

console.log(trustedTypes.isScript("eval('2 + 2')")); // false

Specifications

Specification
Trusted Types
# dom-trustedtypepolicyfactory-isscript

Browser compatibility

Report problems with this compatibility data on GitHub
desktopmobile
Chrome
Edge
Firefox
Opera
Safari
Chrome Android
Firefox for Android
Opera Android
Safari on iOS
Samsung Internet
WebView Android
WebView on iOS
isScript

Legend

Tip: you can click/tap on a cell for more information.

Full support
Full support
No support
No support