stackoom
  简体   繁体   中英

Is there any useful mime for <script type=“mime” src=“…”> except for JS?

 原文  2019-08-05 01:01:27       javascript/ mime-types/ script-tag/ dynamic-script-loading

Question

From much reading I conclude:

The <script> tag can store data, but it is only accessible if src is not used.

I want to use src because it is how my script-loader works. Is the type attribute and every mime-types then useless or what?...

I have found that the "text/javascript" (same as "application/javascript") can not be accessed by .innerText or .innerHTML or .toString (hopefully I missed something here). But it can be executed, that is the one and only thing that can be done with external <script> without browser extensions - i guess. Data is not accessible in no way because src is used?

I hope I am wrong because I want to extend my script-loader to load the mime-types that is possible to read. Is there any? Please tell me any/some accessible mime-types to dynamic load externally.

Update - Thank you for answer - Now I conclude:

The pattern <script type src> is not useful for any mime-types except Javascript, according to whatwg.org :

Setting the attribute to any other value means that the script is a data block, which is not processed. None of the script attributes (except type itself) have any effect on data blocks.

So, setting the type to any other value than for Javascript makes src having no effect and the <script> becomes a data block not so useful, because a variable as the only way to put data into it should much better store the data into a div .

Never will type and src work together in script (that would open up a security risks), because import and fetch is already the new way to load files. Script loaders may still be used where E6 import can not load on servers without CORS.

1 answers

solution1
 2 ACCPTED  2019-08-05 01:19:44

Not particularly, unless you have a .json file and the server sends the appropriate MIME type in the response header. Otherwise, the contents of the <script> tag will not be processed.

Per the WHATWG specification ,

The type attribute allows customization of the type of script represented:

  • Omitting the attribute, setting it to the empty string, or setting it to a JavaScript MIME type essence match, means that the script is a classic script, to be interpreted according to the JavaScript Script top-level production. Classic scripts are affected by the async and defer attributes, but only when the src attribute is set. Authors should omit the type attribute instead of redundantly setting it.

  • Setting the attribute to an ASCII case-insensitive match for the string " module " means that the script is a module script. If it has a JavaScript MIME type, or if the script is embedded inline, then it will be interpreted as a JavaScript module script according to the JavaScript Module top-level production; if it has a JSON MIME type, then it will be interpreted as a JSON module script. Module scripts are not affected by the defer attribute, but are affected by the async attribute (regardless of the state of the src attribute).

  • Setting the attribute to any other value means that the script is a data block, which is not processed. None of the script attributes (except type itself) have any effect on data blocks. Authors must use a valid MIME type string that is not a JavaScript MIME type essence match to denote data blocks.

A JavaScript MIME is defined as any of the following:

  • application/ecmascript
  • application/javascript
  • application/x-ecmascript
  • application/x-javascript
  • text/ecmascript
  • text/javascript
  • text/javascript1.0
  • text/javascript1.1
  • text/javascript1.2
  • text/javascript1.3
  • text/javascript1.4
  • text/javascript1.5
  • text/jscript
  • text/livescript
  • text/x-ecmascript
  • text/x-javascript

A JSON MIME is defined as

any MIME type whose subtype ends in " +json " or whose essence is " application/json " or " text/json ".

It is important to note that you must use a valid MIME type in order to guarantee browsers will never try to process it. Otherwise, future additions to the specification could break your code:

The requirement that data blocks must be denoted using a valid MIME type string is in place to avoid potential future collisions. If this specification ever adds additional types of script, they will be triggered by setting the type attribute to something which is not a MIME type, like how the "module" value denotes module scripts. By using a valid MIME type string now, you ensure that your data block will not ever be reinterpreted as a different script type, even in future user agents.

A valid MIME type is defined by the WHATWG here .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Refused to execute script runtime.js because MIME type is not executable Resource interpreted as Script but transferred with MIME type text/x-js js warning: Resource interpreted as Script but transferred with MIME type text/plain JSONP script returning MIME Type error How to change MIME type with script in ReactJS mime type node.js express Tumblr js output MIME type error Set my JS MIME type to “text/javascript” IE browser script to determine which (if any) ActiveX control will handle specific mime type Node.js route error: script MIME types are not allowed when 'X-Content-Type: nosniff' is given
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM