2

Possible Duplicate:
When do I need to specify the JavaScript protocol?

for example

 <body onload="javascript:something();">

in this code, should I put javascript: ?

some of the codes attatch javascript:,

but some don't.

what is the safe and correct?

Community
  • 1
  • 1
Sungguk Lim
  • 6,109
  • 7
  • 43
  • 63
  • Duplicate: http://stackoverflow.com/questions/2321469/when-do-i-need-to-specify-the-javascript-protocol – T.J. Crowder Apr 11 '10 at 06:55
  • Okay, that's really really weird: I wrote the comment above starting with the word "Duplicate". I **did not** write the one starting with the word "possible" that is showing up as from me. (Flagged for mods.) – T.J. Crowder Apr 11 '10 at 07:03
  • 1
    @T.J. Crowder: That comment is automatic, it's generated if you are the first who voted for a particular duplicate... See: http://meta.stackexchange.com/questions/44173/autocomment-when-voting-to-close-as-duplicate – Christian C. Salvadó Apr 11 '10 at 07:10

3 Answers3

3

No. Just use your javascript. 

<body onload="something();">

javascript: can be used with the href attribute of a element.

<a href="javascript:something();">

But just for the protocol, I prefer using the onload method.

Fitzchak Yitzchaki
  • 9,095
  • 12
  • 56
  • 96
  • 4
    That's not good advice. The JavaScript pseudo-protocol shouldn't be used for links either. You should attach a handler to the onclick event that returns false if you want clicking a link to execute JavaScript code. – Jimmy Apr 11 '10 at 06:52
  • 1
    @Jimmy: It's not a "protocol", it's a "scheme". And it's not a pseudo-anything: http://tools.ietf.org/html/draft-hoehrmann-javascript-scheme-01 It's been in IE since v3 (yes, v3) and in all major browsers since. – T.J. Crowder Apr 11 '10 at 07:05
  • To be fair, an anchor point may not make sense semantically, in which case a click handler on a semantically neutral element is a better option than an . However, that's not a reason to avoid the 'javascript:' scheme. – outis Apr 11 '10 at 08:03
  • Just to be clear, you dont need it, and it will be ignored. – James Westgate Apr 11 '10 at 09:05
  • 2
    JavaScript is traditionally known as a ‘pseudo-protocol’ because unlike almost every other scheme it does not represent a location, but an action to be performed on the current location. A URL that is not a locator is something that doesn't really make much sense, and indeed problems with accepting `javascript:` URLs where a locator was expected have caused innumerable security holes in the past. There are also usability problems, eg. middle-click link for new tab... oh dear, I've got an empty tab with a JavaScript error in it instead. – bobince Apr 11 '10 at 11:25
  • 2
    Now-documented in a Draft or not, `javascript:` URLs are a total disaster and should never be used in a web page. They were one of the many dreadful mistakes Netscape made when trying to attain a competitive advantage for Navigator by breaking the web in other browsers. Whilst some of those mistakes have been rectified and airbrushed out of history (eg. ``), `javascript:` hangs around like a bad smell. For anything but bookmarklets, avoid avoid avoid. – bobince Apr 11 '10 at 11:26
3

A better solution would be to avoid explicit use of JavaScript in your markup altogether and to use something like jQuery to extract it all to a separate file; you can then do something like this:

$(function()
{
    // This will be run when the document is loaded.
    alert('foo');

    $('#some-link').click(function()
    {
        // This will be run when the element with id `some-link` is clicked.
        alert('bar');
    });
});
Will Vousden
  • 32,488
  • 9
  • 84
  • 95
1

I'd suggest something like

<body>
...
<script>
function something() {}
window.onload = something;
</script>
Ms2ger
  • 15,596
  • 6
  • 36
  • 35