Главная » Языки программирования

Html script for text

На чтение 12 мин
Содержание
  1. : The Script element
  2. Attributes
  3. Deprecated attributes
  4. Notes
  5. Examples
  6. Basic usage
  7. Module fallback
  8. Importing modules with importmap
  9. Embedding data in HTML
  10. Blocking rendering till a script is fetched and executed
  11. Specifications
  12. Browser compatibility
  13. See also
  14. Found a content problem with this page?
  15. MDN
  16. Support
  17. Our communities
  18. Developers
  19. HTML Tag
  20. Tips and Notes
  21. Browser Support
  22. Attributes
  23. Differences Between HTML and XHTML

: The Script element

The HTML element is used to embed executable code or data; this is typically used to embed or refer to JavaScript code. The element can also be used with other languages, such as WebGL’s GLSL shader programming language and JSON.

Content categories Metadata content, Flow content, Phrasing content.
Permitted content Dynamic script such as text/javascript .
Tag omission None, both the starting and ending tag are mandatory.
Permitted parents Any element that accepts metadata content, or any element that accepts phrasing content.
Implicit ARIA role No corresponding role
Permitted ARIA roles No role permitted
DOM interface HTMLScriptElement

Attributes

This element includes the global attributes.

For classic scripts, if the async attribute is present, then the classic script will be fetched in parallel to parsing and evaluated as soon as it is available.

For module scripts, if the async attribute is present then the scripts and all their dependencies will be executed in the defer queue, therefore they will get fetched in parallel to parsing and evaluated as soon as they are available.

This attribute allows the elimination of parser-blocking JavaScript where the browser would have to load and evaluate scripts before continuing to parse. defer has a similar effect in this case.

This is a boolean attribute: the presence of a boolean attribute on an element represents the true value, and the absence of the attribute represents the false value.

See Browser compatibility for notes on browser support. See also Async scripts for asm.js.

Normal script elements pass minimal information to the window.onerror for scripts which do not pass the standard CORS checks. To allow error logging for sites which use a separate domain for static media, use this attribute. See CORS settings attributes for a more descriptive explanation of its valid arguments.

This Boolean attribute is set to indicate to a browser that the script is meant to be executed after the document has been parsed, but before firing DOMContentLoaded .

Scripts with the defer attribute will prevent the DOMContentLoaded event from firing until the script has loaded and finished evaluating.

Warning: This attribute must not be used if the src attribute is absent (i.e. for inline scripts), in this case it would have no effect.

The defer attribute has no effect on module scripts — they defer by default.

Scripts with the defer attribute will execute in the order in which they appear in the document.

This attribute allows the elimination of parser-blocking JavaScript where the browser would have to load and evaluate scripts before continuing to parse. async has a similar effect in this case.

Provides a hint of the relative priority to use when fetching an external script. Allowed values:

Signals a high-priority fetch relative to other external scripts.

Signals a low-priority fetch relative to other external scripts.

Читайте также:  JavaScript Select Element Demo

Default: Signals automatic determination of fetch priority relative to other external scripts.

This attribute contains inline metadata that a user agent can use to verify that a fetched resource has been delivered free of unexpected manipulation. See Subresource Integrity.

This Boolean attribute is set to indicate that the script should not be executed in browsers that support ES modules — in effect, this can be used to serve fallback scripts to older browsers that do not support modular JavaScript code.

A cryptographic nonce (number used once) to allow scripts in a script-src Content-Security-Policy. The server must generate a unique nonce value each time it transmits a policy. It is critical to provide a nonce that cannot be guessed as bypassing a resource’s policy is otherwise trivial.

Indicates which referrer to send when fetching the script, or resources fetched by the script:

  • no-referrer : The Referer header will not be sent.
  • no-referrer-when-downgrade : The Referer header will not be sent to origins without TLS (HTTPS).
  • origin : The sent referrer will be limited to the origin of the referring page: its scheme, host, and port.
  • origin-when-cross-origin : The referrer sent to other origins will be limited to the scheme, the host, and the port. Navigations on the same origin will still include the path.
  • same-origin : A referrer will be sent for same origin, but cross-origin requests will contain no referrer information.
  • strict-origin : Only send the origin of the document as the referrer when the protocol security level stays the same (HTTPS→HTTPS), but don’t send it to a less secure destination (HTTPS→HTTP).
  • strict-origin-when-cross-origin (default): Send a full URL when performing a same-origin request, only send the origin when the protocol security level stays the same (HTTPS→HTTPS), and send no header to a less secure destination (HTTPS→HTTP).
  • unsafe-url : The referrer will include the origin and the path (but not the fragment, password, or username). This value is unsafe, because it leaks origins and paths from TLS-protected resources to insecure origins.

Note: An empty string value ( «» ) is both the default value, and a fallback value if referrerpolicy is not supported. If referrerpolicy is not explicitly specified on the element, it will adopt a higher-level referrer policy, i.e. one set on the whole document or domain. If a higher-level policy is not available, the empty string is treated as being equivalent to strict-origin-when-cross-origin .

This attribute specifies the URI of an external script; this can be used as an alternative to embedding a script directly within a document.

This attribute indicates the type of script represented. The value of this attribute will be one of the following:

Attribute is not set (default), an empty string, or a JavaScript MIME type

Indicates that the script is a «classic script», containing JavaScript code. Authors are encouraged to omit the attribute if the script refers to JavaScript code rather than specify a MIME type. JavaScript MIME types are listed in the IANA media types specification.

This value causes the code to be treated as a JavaScript module. The processing of the script contents is deferred. The charset and defer attributes have no effect. For information on using module , see our JavaScript modules guide. Unlike classic scripts, module scripts require the use of the CORS protocol for cross-origin fetching.

Читайте также:  Питон list to str

This value indicates that the body of the element contains an import map. The import map is a JSON object that developers can use to control how the browser resolves module specifiers when importing JavaScript modules.

Any other value

The embedded content is treated as a data block, and won’t be processed by the browser. Developers must use a valid MIME type that is not a JavaScript MIME type to denote data blocks. All of the other attributes will be ignored, including the src attribute.

This attribute explicitly indicates that certain operations should be blocked on the fetching of the script. The operations that are to be blocked must be a space-separated list of blocking attributes listed below.

Deprecated attributes

If present, its value must be an ASCII case-insensitive match for » utf-8 «. It’s unnecessary to specify the charset attribute, because documents must use UTF-8, and the script element inherits its character encoding from the document.

language Deprecated Non-standard

Like the type attribute, this attribute identifies the scripting language in use. Unlike the type attribute, however, this attribute’s possible values were never standardized. The type attribute should be used instead.

Notes

Scripts without async , defer or type=»module» attributes, as well as inline scripts without the type=»module» attribute, are fetched and executed immediately before the browser continues to parse the page.

The script should be served with the text/javascript MIME type, but browsers are lenient and only block them if the script is served with an image type ( image/* ), a video type ( video/* ), an audio type ( audio/* ), or text/csv . If the script is blocked, an error event is sent to the element; otherwise, a load event is sent.

Examples

Basic usage

These examples show how to import (an external) script using the element.

script src="javascript.js"> script>

And the following examples show how to put (an inline) script inside the element.

script> alert("Hello World!"); script>

Module fallback

Browsers that support the module value for the type attribute ignore any script with a nomodule attribute. That enables you to use module scripts while providing nomodule -marked fallback scripts for non-supporting browsers.

script type="module" src="main.js"> script> script nomodule src="fallback.js"> script>

Importing modules with importmap

When importing modules in scripts, if you don’t use the type=importmap feature, then each module must be imported using a module specifier that is either an absolute or relative URL. In the example below, the first module specifier («./shapes/square.js») resolves relative to the base URL of the document, while the second is an absolute URL.

import  name as squareName, draw > from "./shapes/square.js"; import  name as circleName > from "https://example.com/shapes/circle.js";

An import map allows you to provide a mapping that, if matched, can replace the text in the module specifier. The import map below defines keys square and circle that can be used as aliases for the module specifiers shown above.

script type="importmap">  "imports":  "square": "./shapes/square.js", "circle": "https://example.com/shapes/circle.js" > > script>

This allows us to import modules using names in the module specifier (rather than absolute or relative URLs).

import  name as squareName, draw > from "square"; import  name as circleName > from "circle";

For more examples of what you can do with import maps, see the Importing modules using import maps section in the JavaScript modules guide.

Embedding data in HTML

You can also use the element to embed data in HTML with server-side rendering by specifying a valid non-JavaScript MIME type in the type attribute.

script id="data" type="application/json">  "userId": 1234, "userName": "Maria Cruz", "memberSince": "2000-01-01T00:00:00.000Z" > script> script> const userInfo = JSON.parse(document.getElementById("data").text); console.log("User information: %o", userInfo); script>

Blocking rendering till a script is fetched and executed

You can include render token inside a blocking attribute; the rendering of the page will be blocked till the script is fetched and executed. In the example below, we block rendering on an async script, so that the script doesn’t block parsing but is guaranteed to be evaluated before rendering starts.

script blocking="render" async src="async-script.js"> script>

Specifications

Browser compatibility

BCD tables only load in the browser

See also

Found a content problem with this page?

This page was last modified on Jun 12, 2023 by MDN contributors.

Your blueprint for a better internet.

MDN

Support

Our communities

Developers

Visit Mozilla Corporation’s not-for-profit parent, the Mozilla Foundation.
Portions of this content are ©1998– 2023 by individual mozilla.org contributors. Content available under a Creative Commons license.

Источник

HTML Tag

The tag is used to embed a client-side script (JavaScript).

The element either contains scripting statements, or it points to an external script file through the src attribute.

Common uses for JavaScript are image manipulation, form validation, and dynamic changes of content.

Tips and Notes

Tip: If you want to learn more about JavaScript, visit our JavaScript Tutorial.

Browser Support

Attributes

Attribute Value Description
async async Specifies that the script is downloaded in parallel to parsing the page, and executed as soon as it is available (before parsing completes) (only for external scripts)
crossorigin anonymous
use-credentials		 Sets the mode of the request to an HTTP CORS Request
defer defer Specifies that the script is downloaded in parallel to parsing the page, and executed after the page has finished parsing (only for external scripts)
integrity filehash Allows a browser to check the fetched script to ensure that the code is never loaded if the source has been manipulated
nomodule True
False		 Specifies that the script should not be executed in browsers supporting ES2015 modules
referrerpolicy no-referrer
no-referrer-when-downgrade
origin
origin-when-cross-origin
same-origin
strict-origin
strict-origin-when-cross-origin
unsafe-url		 Specifies which referrer information to send when fetching a script
src URL Specifies the URL of an external script file
type scripttype Specifies the media type of the script

Differences Between HTML and XHTML

In XHTML, the content inside scripts is declared as #PCDATA (instead of CDATA), which means that entities will be parsed.

This means that in XHTML, all special characters should be encoded, or all content should be wrapped inside a CDATA section:

Источник

Оцените статью
© 2023 Программирование