TrustedTypePolicyFactory: emptyScript property
The emptyScript read-only property of the TrustedTypePolicyFactory interface returns a TrustedScript object containing an empty string.
This object can be used when the application requires an empty string to be inserted into an injection sink which is expecting a TrustedScript object.
Value
A TrustedScript object.
Examples
The specification explains that the emptyScript object can be used to detect support for dynamic code compilation.
Native Trusted Types implementations can support eval(TrustedScript), therefore in the below example a native implementation will return false for eval(trustedTypes.emptyScript). A polyfill will return a truthy object.
const supportsTS = !eval(trustedTypes.emptyScript);
eval(supportsTS ? myTrustedScriptObj : myTrustedScriptObj.toString());
Specifications
| Specification |
|---|
| Trusted Types # dom-trustedtypepolicyfactory-emptyscript |
Browser compatibility
BCD tables only load in the browser