W3cubDocs

/Web APIs

TrustedTypePolicyFactory: isHTML() method

The isHTML() method of the TrustedTypePolicyFactory interface returns true if it is passed a valid TrustedHTML object.

Note: The purpose of the functions isHTML(), isScript(), and isScriptURL() is to check if the object is a valid TrustedType object, created by a configured policy.

Syntax

js

isHTML(value)

Parameters

value

A TrustedHTML object.

Return value

A boolean that is true if the object is a valid TrustedHTML object.

Examples

In the below example the constant html was created by a policy, and therefore isHTML() returns true. The second example is an attempt to fake an object, and the third is a string. Both of these will return false when passed to isHTML().

js

const html = policy.createHTML("<div>");
console.log(trustedTypes.isHTML(html)); // true;

const fake = Object.create(TrustedHTML.prototype);
console.log(trustedTypes.isHTML(fake)); // false

console.log(trustedTypes.isHTML("<div>plain string</div>")); // false

Specifications

Browser compatibility

Desktop Mobile
Chrome Edge Firefox Internet Explorer Opera Safari WebView Android Chrome Android Firefox for Android Opera Android Safari on IOS Samsung Internet
isHTML 83 83 No No 69 No 83 83 No 59 No 13.0

© 2005–2023 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/TrustedTypePolicyFactory/isHTML