TrustedScriptURL

The TrustedScriptURL interface of the Trusted Types API represents a string that a developer can insert into an injection sink that will parse it as a URL of an external script. These objects are created via TrustedTypePolicy.createScriptURL() and therefore have no constructor.

The value of a TrustedScriptURL object is set when the object is created and cannot be changed by JavaScript as there is no setter exposed.

Methods

TrustedScriptURL.toJSON()

Returns a JSON representation of the stored data.

TrustedScriptURL.toString()

A string containing the sanitized URL.

Examples

The constant sanitized is an object created via a Trusted Types policy.

const sanitized = scriptPolicy.createScriptURL("https://example.com/my-script.js");
console.log(sanitized;) /* a TrustedScriptURL object */

Specifications

Browser compatibility

Desktop Mobile
Chrome Edge Firefox Internet Explorer Opera Safari WebView Android Chrome Android Firefox for Android Opera Android Safari on IOS Samsung Internet
TrustedScriptURL
83
83
No
No
69
No
83
83
No
59
No
13.0
toJSON
90
90
No
No
76
No
90
90
No
64
No
15.0
toString
83
83
No
No
69
No
83
83
No
59
No
13.0

See also

© 2005–2021 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/TrustedScriptURL