TrustedTypePolicyFactory: isScriptURL() method
Limited availability
This feature is not Baseline because it does not work in some of the most widely-used browsers.
Note: This feature is available in Web Workers.
The isScriptURL()
method of the TrustedTypePolicyFactory
interface returns true if it is passed a valid TrustedScriptURL
object.
Note:
The purpose of the functions isScriptURL()
, isHTML()
, and isScript()
is to check if the object is a valid TrustedType object, created by a configured policy.
Syntax
isScriptURL(value)
Parameters
value
-
A
TrustedScriptURL
object.
Return value
A boolean
that is true if the object is a valid TrustedScriptURL
object.
Examples
In the below example the constant url
was created by a policy, and therefore isScriptURL()
returns true. The second example is an attempt to fake an object, and the third is a string. Both of these will return false when passed to isScriptURL()
.
const url = policy.createScriptURL("https://example.com/myscript.js");
console.log(trustedTypes.isScriptURL(url)); // true;
const fake = Object.create(TrustedScriptURL.prototype);
console.log(trustedTypes.isScriptURL(fake)); // false
console.log(trustedTypes.isScriptURL("https://example.com/myscript.js")); // false
Specifications
Specification |
---|
Trusted Types # dom-trustedtypepolicyfactory-isscripturl |
Browser compatibility
BCD tables only load in the browser