Thanks to visit codestin.com
Credit goes to developer.mozilla.org

  1. Web
  2. Web APIs
  3. TrustedScript

TrustedScript

Baseline 2026
Newly available

Since February 2026, this feature works across the latest devices and browser versions. This feature might not work in older devices or browsers.

Note: This feature is available in Web Workers.

The TrustedScript interface of the Trusted Types API represents a string with an uncompiled script body that a developer can insert into an injection sink that might execute the script. These objects are created via TrustedTypePolicy.createScript() and therefore have no constructor.

The value of a TrustedScript object is set when the object is created and cannot be changed by JavaScript as there is no setter exposed.

Instance methods

TrustedScript.toJSON()

Returns a JSON representation of the stored data.

TrustedScript.toString()

A string containing the sanitized script.

Examples

The constant sanitized is an object created via a Trusted Types policy.

js
const sanitized = scriptPolicy.createScript("eval('2 + 2')");
console.log(sanitized); /* a TrustedScript object */

Specifications

Specification
Trusted Types
# trusted-script

Browser compatibility

See also

Help improve MDN

Learn how to contribute

This page was last modified on by MDN contributors.

View this page on GitHubReport a problem with this content