<script>

In This Article

Attributes
1. Deprecated attributes
Notes
Examples
Specifications
Browser compatibility
See also

The HTML <script> element is used to embed or reference an executable script.

Content categories	Metadata content, Flow content, Phrasing content.
Permitted content	Dynamic script such as `text/javascript`.
Tag omission	None, both the starting and ending tag are mandatory.
Permitted parents	Any element that accepts metadata content, or any element that accepts phrasing content.
Permitted ARIA roles	None
DOM interface	`HTMLScriptElement`

Attributes

This element includes the global attributes.

Indicates the type of script respresented. It's possible values fall into one of these categories:

async HTML5

Set this Boolean attribute to indicate that the browser should, if possible, execute the script asynchronously. This attribute must not be used if the src attribute is absent (i.e. for inline scripts), in this case it would have no effect.

Dynamically inserted scripts execute asynchronously by default, so to turn on synchronous execution (i.e. scripts execute in the order they were loaded) set `async=false`

See Browser compatibility for notes on browser support. See also Async scripts for asm.js.

crossorigin

Normal script elements pass minimal information to the window.onerror for scripts which do not pass the standard CORS checks. To allow error logging for sites which use a separate domain for static media, use this attribute. See CORS settings attributes for a more descriptive explanation of the valid arguments.

defer

This Boolean attribute is set to indicate to a browser that the script is meant to be executed after the document has been parsed, but before firing DOMContentLoaded. This attribute must not be used if the src attribute is absent (i.e. for inline scripts), in this case it would have no effect. To achieve a similar effect for dynamically inserted scripts use `async=false` instead.

integrity

Contains inline metadata that a user agent can use to verify that a fetched resource has been delivered free of unexpected manipulation. See Subresource Integrity.

nomodule

This Boolean attribute is set to indicate that the script should not be executed in browsers that support ES6 modules — in effect, this can be used to serve fallback scripts to older browsers that do not support modular JavaScript code.

src

This attribute specifies the URI of an external script; this can be used as an alternative to embedding a script directly within a document. If a script element has a src attribute specified, it should not have a script embedded inside its tags.

text

Like the textContent attribute, this attribute sets the text content of the element. Unlike the textContent attribute, however, this attribute is evaluated as executable code after the node is inserted into the DOM.

type

Indicates the type of script represented. The value of this attribute will be in one of the following categories:

Omitted or a JavaScript MIME type: For HTML5-complient browsers this indicates the script is JavaScript. HTML5 spec urges authors to omit the attribute rather than provided a redundant MIME type. In earlier browsers, this identified the scripting language of the embedded or imported (via the src attribute) code. JavaScript MIME types are listed in the specification.
module: For HTML5-complient browsers the code is treated as a JavaScript module. Processing of the script contents are not affected by the charset and defer attributes. For information on using module, see ES6 in Depth: Modules.
Any other value or MIME type: Embedded content is treated as a data block which won't be processed by the browser. The src attribute will be ignored.

Note that in Firefox you can use advanced features such as let statements and other features in later JS versions, by using type=application/javascript;version=1.8 . Beware, however, that as this is a non-standard feature, this will most likely break support for other browsers, in particular Chromium-based browsers.

For how to include exotic programming languages, read about Rosetta.

Deprecated attributes

language: Like the type attribute, this attribute identifies the scripting language in use. Unlike the type attribute, however, this attribute’s possible values were never standardized. The type attribute should be used instead.

Notes

Scripts without async or defer attributes, as well as inline scripts, are fetched and executed immediately, before the browser continues to parse the page.

The script should be served with the text/javascript MIME type, but browsers are lenient and only block them if the script is served with an image type (image/*), a video type (video/*), an audio (audio/*) type, or text/csv. If the script is blocked, an error is sent to the element, if not a load event is sent.

Examples

<!-- HTML4 and (x)HTML -->
<script type="text/javascript" src="javascript.js"></script>

<!-- HTML5 -->
<script src="javascript.js"></script>

Specifications

Specification	Status	Comments
HTML Living Standard The definition of '<script>' in that specification.	Living Standard	Adds the module type
HTML5 The definition of '<script>' in that specification.	Recommendation
HTML 4.01 Specification The definition of '<script>' in that specification.	Recommendation
Subresource Integrity The definition of '<script>' in that specification.	Recommendation	Adds the integrity attribute.

Feature	Chrome	Edge	Firefox (Gecko)	Internet Explorer	Opera	Safari
Basic support	1.0	(Yes)	1.0 (1.7 or earlier)^[2]	(Yes)	(Yes)	(Yes)
`async` attribute	(Yes)^[1]	(Yes)	3.6 (1.9.2)^[1]	10^[1]	15^[1]	(Yes)^[1]
`defer` attribute	(Yes)	(Yes)	3.5 (1.9.1)^[6]	4^[3] 10	No support	(Yes)
`crossorigin` attribute	30.0	(Yes)	13 (13)	No support	12.50	(Yes)^[4]
`integrity` attribute	45.0	No support	43 (43)	No support	?	No support^[5]
`module` attribute	No support	No support	No support	No support	No support	(Yes)
`nomodule` attribute	(Yes)	No support	No support^[7]	No support	No support	No support

Feature	Android Webview	Chrome for Android	Edge	Firefox Mobile (Gecko)	IE Mobile	Opera Mobile	Safari Mobile
Basic support	(Yes)	(Yes)	(Yes)	1.0 (1.0)^[2]	(Yes)	(Yes)	(Yes)
async attribute	(Yes)^[1]	(Yes)^[1]	(Yes)	1.0 (1.0)^[1]	No support^[1]	?^[1]	(Yes)^[1]
crossorigin attribute	(Yes)	(Yes)	No support	No support	No support	No support	No support
defer attribute	(Yes)	(Yes)	(Yes)	1.0 (1.0)	No support	?	(Yes)
integrity attribute	45.0	45.0	No support	43.0 (43)	No support	(Yes)	?
`module` attribute	No support	No support	No support	No support	No support	No support	(Yes)
nomodule attribute	(Yes)	(Yes)	No support	No support^[7]	No support	No support	No support

[1] In older browsers that don't support the async attribute, parser-inserted scripts block the parser; script-inserted scripts execute asynchronously in IE and WebKit, but synchronously in Opera and pre-4.0 Firefox. In Firefox 4.0, the async DOM property defaults to true for script-created scripts, so the default behavior matches the behavior of IE and WebKit. To request script-inserted external scripts be executed in the insertion order in browsers where the document.createElement("script").async evaluates to true (such as Firefox 4.0), set .async=false on the scripts you want to maintain order. Never call document.write() from an async script. In Gecko 1.9.2, calling document.write() has an unpredictable effect. In Gecko 2.0, calling document.write() from an async script has no effect (other than printing a warning to the error console).

[2] Starting in Gecko 2.0 (Firefox 4 / Thunderbird 3.3 / SeaMonkey 2.1), inserting script elements that have been created by calling document.createElement("script") into the DOM no longer enforces execution in insertion order. This change lets Gecko properly abide by the HTML5 specification. To make script-inserted external scripts execute in their insertion order, set .async=false on them.

Also, <script> elements inside <iframe>, <noembed> and <noframes> elements are now executed, for the same reasons.

[3] In versions prior to Internet Explorer 10 Trident implemented <script> by a proprietary specification. Since version 10 it conforms to the W3C specification.

[4] The crossorigin attribute was implemented in WebKit in WebKit bug 81438.

[5] WebKit bug 148363 tracks WebKit implementation of Subresource Integrity (which includes the integrity attribute).

[6] Since Gecko 1.9.2 (Firefox 3.6 / Thunderbird 3.1 / Fennec 1.0), the defer attribute is ignored on scripts that don't have the src attribute. However, in Gecko 1.9.1 (Firefox 3.5 / Thunderbird 3.0 / SeaMonkey 2.0) even inline scripts are deferred if the defer attribute is set.

[7] nomodule is currently preffed off in Firefox. To test it, go to about:config and set the dom.moduleScripts.enabled pref to true.

Document Tags and Contributors

Tags:

Contributors to this page: jpmedley, wheresrhys, madarche, teriba, chrisdavidmills, sideshowbarker, arronei, bryc, Krinkle, auchenberg, libbymc, Peppesterest, teoli, torbasow, phistuck, jaffathecake, gurdiga, jonathanKingston, Sebastianz, pallxk, wbamberg, jswisher, mgwhitfield, fbender, Nickolay, Jeremie, kdex, Luke314, fusionchess, Syrian-Guy, Botulism, CTN444, Oliver, kscarfone, karlwestin, acdha, ethertank, tregagnon, Sheppy, Messie, brunoais, medicdude, Jesdisciple, rgrove, Psz, paul.irish, fscholz, McGurk, sicking, osdm, kmaglione, Hsivonen, Ms2ger, HelderMagalhaes, vidyadhara, PGaries

Last updated by: jpmedley, Jul 24, 2017, 12:28:55 PM