DEV Community


Discussion on: Why hasn't the 'script' tag gotten a void version, yet? (E.g. 'extscript')

alohci profile image
Nicholas Stimpson • Edited

There's no practical reason why browsers couldn't parse <script src="file.js"/> as being self-closing. In fact, it's what they do for foreign elements like <svg/>.

As it happens, at least one browser (Safari, I believe) did do this for a while. But it turned out that it wasn't web-compatible. That is, too many developers had created pages where they erroneously used <script ... /> when they'd meant <script ... > as a start tag, following it with script and a close tag. Because browsers had fixed up the markup, the JavaScript that was previously inside the script element was, with Safari's parsing modification, now regular text displayed to the user on the page.

You're right that a new element could be minted, but minting new elements have to clear a much higher hurdle than just "it'd be nice", because every new element - and especially one that ran external scripts - increases the attack surface for security and privacy vulnerabilities, as well as a general maintenance overhead.

baenencalin profile image
Calin Baenen Author

Well, honestly, why should it have to face any hurdles, like with your last example of security, since it wouldn't be any more than a shortening of the current syntax, so whatever you can do with that, you could do with this.

And again, why not just support <script src=""/>?
Just have it be an accepted way of doing it, like you said, how it handles <svg>. Personally, I see nothing wrong with this approach, and I don't see why this hasn't really been corrected for the sake of HTML tag length.

Forem Open with the Forem app