Our volunteers haven't translated this article into عربي yet. Join us and help get the job done!
Summary
The HTML Script Element (<script>
) is used to embed or reference an executable script within an HTML or XHTML document.
Scripts without async
or defer
attributes, as well as inline scripts, are fetched and executed immediately, before the browser continues to parse the page.
Content categories | Metadata content, Flow content, Phrasing content. |
---|---|
Permitted content | Dynamic script such as text/javascript . |
Tag omission | None, both the starting and ending tag are mandatory. |
Permitted parent elements | Any element that accepts metadata content, or any element that accepts phrasing content. |
DOM interface | HTMLScriptElement |
Attributes
This element includes the global attributes.
async
HTML5- Set this Boolean attribute to indicate that the browser should, if possible, execute the script asynchronously. It has no effect on inline scripts (i.e., scripts that don't have the src attribute).
- See Browser compatibility for notes on browser support. See also Async scripts for asm.js.
integrity
- Contains inline metadata that a user agent can use to verify that a fetched resource has been delivered free of unexpected manipulation. See Subresource Integrity.
src
- This attribute specifies the URI of an external script; this can be used as an alternative to embedding a script directly within a document. If a
script
element has asrc
attribute specified, it should not have a script embedded inside its tags. type
- This attribute identifies the scripting language of code embedded within a
script
element or referenced via the element’ssrc
attribute. This is specified as a MIME type; examples of supported MIME types includetext/javascript
,text/ecmascript
,application/javascript
, andapplication/ecmascript
. If this attribute is absent, the script is treated as JavaScript. - If the MIME type specified is not a JavaScript type the content embedded within its tags is treated as a data block which won't be processed by the browser.
- If the type specified is
module
the code is treated as a JavaScript module . See ES6 in Depth: Modules
Note that in Firefox you can use advanced features such as let statements and other features in later JS versions, by usingtype=application/javascript;version=1.8
. Beware, however, that as this is a non-standard feature, this will most likely break support for other browsers, in particular Chromium-based browsers. - For how to include exotic programming languages, read about Rosetta.
text
- Like the
textContent
attribute, this attribute sets the text content of the element. Unlike thetextContent
attribute, however, this attribute is evaluated as executable code after the node is inserted into the DOM. language
- Like the
type
attribute, this attribute identifies the scripting language in use. Unlike thetype
attribute, however, this attribute’s possible values were never standardized. Thetype
attribute should be used instead. defer
- This Boolean attribute is set to indicate to a browser that the script is meant to be executed after the document has been parsed, but before firing
DOMContentLoaded
. Thedefer
attribute shouldn't be used on scripts that don't have thesrc
attribute. crossorigin
- Normal
script
elements pass minimal information to thewindow.onerror
for scripts which do not pass the standard CORS checks. To allow error logging for sites which use a separate domain for static media, use this attribute.
Examples
<!-- HTML4 and (x)HTML --> <script type="text/javascript" src="javascript.js"></script> <!-- HTML5 --> <script src="javascript.js"></script>
Specifications
Specification | Status | Comments |
---|---|---|
WHATWG HTML Living Standard The definition of '<script>' in that specification. |
Living Standard | Adds the module type |
HTML5 The definition of '<script>' in that specification. |
Recommendation | |
HTML 4.01 Specification The definition of '<script>' in that specification. |
Recommendation | |
Subresource Integrity The definition of '<script>' in that specification. |
Recommendation | Adds the integrity attribute. |
Browser compatibility
Feature | Chrome | Firefox (Gecko) | Internet Explorer | Opera | Safari |
---|---|---|---|---|---|
Basic support | 1.0 | 1.0 (1.7 or earlier)[2] | (Yes) | (Yes) | (Yes) |
async attribute | (Yes)[1] | 3.6 (1.9.2)[1] | 10[1] | 15[1] | (Yes)[1] |
defer attribute | (Yes) | 3.5 (1.9.1)[6] |
4[3] |
No support | (Yes) |
crossorigin attribute | 30.0 | 13 (13) | No support | 12.50 | (Yes)[4] |
integrity attribute | 45.0 | 43 (43) | No support[5] |
Feature | Android | Android Webview | Firefox Mobile (Gecko) | IE Mobile | Opera Mobile | Safari Mobile | Chrome for Android |
---|---|---|---|---|---|---|---|
Basic support | (Yes) | (Yes) | 1.0 (1.0)[2] | (Yes) | (Yes) | (Yes) | (Yes) |
async attribute | (Yes)[1] | (Yes)[1] | 1.0 (1.0)[1] | No support[1] | ?[1] | (Yes)[1] | (Yes)[1] |
defer attribute | (Yes) | (Yes) | 1.0 (1.0) | No support | ? | (Yes) | (Yes) |
integrity attribute | No support | 45.0 | 43 (43) | 45.0 |
[1] In older browsers that don't support the async
attribute, parser-inserted scripts block the parser; script-inserted scripts execute asynchronously in IE and WebKit, but synchronously in Opera and pre-4.0 Firefox. In Firefox 4.0, the async
DOM property defaults to true
for script-created scripts, so the default behavior matches the behavior of IE and WebKit. To request script-inserted external scripts be executed in the insertion order in browsers where the document.createElement("script").async
evaluates to true
(such as Firefox 4.0), set .async=false
on the scripts you want to maintain order. Never call document.write()
from an async
script. In Gecko 1.9.2, calling document.write()
has an unpredictable effect. In Gecko 2.0, calling document.write()
from an async
script has no effect (other than printing a warning to the error console).
[2] Starting in Gecko 2.0 (Firefox 4 / Thunderbird 3.3 / SeaMonkey 2.1), inserting script elements that have been created by calling document.createElement("script")
into the DOM no longer enforces execution in insertion order. This change lets Gecko properly abide by the HTML5 specification. To make script-inserted external scripts execute in their insertion order, set .async=false
on them.
Also, <script>
elements inside <iframe>
, <noembed>
and <noframes>
elements are now executed, for the same reasons.
[3] In versions prior to Internet Explorer 10 Trident implemented <script>
by a proprietary specification. Since version 10 it conforms to the W3C specification.
[4] The crossorigin
attribute was implemented in WebKit in WebKit bug 81438.
[5] WebKit bug 148363 tracks WebKit implementation of Subresource Integrity (which includes the integrity
attribute).
[6] Since Gecko 1.9.2 (Firefox 3.6 / Thunderbird 3.1 / Fennec 1.0), the defer
attribute is ignored on scripts that don't have the src
attribute. However, in Gecko 1.9.1 (Firefox 3.5 / Thunderbird 3.0 / SeaMonkey 2.0) even inline scripts are deferred if the defer
attribute is set.