Please note, this is a STATIC archive of website from 03 Nov 2016, does not collect or store any user information, there is no "phishing" involved.


This article needs a technical review. How you can help.

The JSSecurityCallbacks.contentSecurityPolicyAllows callback is called when a script attempts to access an object property. The callback can deny the script access to the property.

JSCheckAccessOp is the type of the callback. (It is also the type of the callback set by JS_SetCheckObjectAccessCallback.)


typedef JSBool (*JSCSPEvalChecker)(JSContext *cx);
Name Type Description
cx JSContext * The JS context in which the property access attempt is occurring.


Check whether runtime code generation is allowed for the current global.

JSSecurityCallbacks.contentSecurityPolicyAllows is invoked once per global object upon the first attempt to evaluate JS code from a string (either through eval or the Function constructor).

Document Tags and Contributors

 Contributors to this page: fscholz, kscarfone, tschneidereit
 Last updated by: fscholz,