UNPKG

next

Version:

The React Framework

nextjs.org

vercel/next.js

30 lines (29 loc) 1.24 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
/** * Stores the Trusted Types Policy. Starts as undefined and can be set to null * if Trusted Types is not supported in the browser. */ let policy; /** * Getter for the Trusted Types Policy. If it is undefined, it is instantiated * here or set to null if Trusted Types is not supported in the browser. */ function getPolicy() { if (typeof policy === 'undefined' && typeof window !== 'undefined') { policy = window.trustedTypes?.createPolicy('nextjs', { createHTML: (input)=>input, createScript: (input)=>input, createScriptURL: (input)=>input }) || null; } return policy; } /** * Unsafely promote a string to a TrustedScriptURL, falling back to strings * when Trusted Types are not available. * This is a security-sensitive function; any use of this function * must go through security review. In particular, it must be assured that the * provided string will never cause an XSS vulnerability if used in a context * that will cause a browser to load and execute a resource, e.g. when * assigning to script.src. */ export function __unsafeCreateTrustedScriptURL(url) { return getPolicy()?.createScriptURL(url) || url; } //# sourceMappingURL=trusted-types.js.map