TrustedTypePolicyFactory: isHTML() method
Limited availability
This feature is not Baseline because it does not work in some of the most widely-used browsers.
Note: This feature is available in Web Workers.
The isHTML() method of the TrustedTypePolicyFactory interface returns true if it is passed a valid TrustedHTML object.
Note:
The purpose of the functions isHTML(), isScript(), and isScriptURL() is to check if the object is a valid TrustedType object, created by a configured policy.
Syntax
isHTML(value)
Parameters
value-
A
TrustedHTMLobject.
Return value
A boolean that is true if the object is a valid TrustedHTML object.
Examples
In the below example the constant html was created by a policy, and therefore isHTML() returns true. The second example is an attempt to fake an object, and the third is a string. Both of these will return false when passed to isHTML().
const html = policy.createHTML("<div>");
console.log(trustedTypes.isHTML(html)); // true;
const fake = Object.create(TrustedHTML.prototype);
console.log(trustedTypes.isHTML(fake)); // false
console.log(trustedTypes.isHTML("<div>plain string</div>")); // false
Specifications
| Specification |
|---|
| Trusted Types # dom-trustedtypepolicyfactory-ishtml |
Browser compatibility
BCD tables only load in the browser