Does using //www.example.com in Javascript chose http/https protocol automatically

Leaving out the http seems to make it connect using HTTP, but I don't have a site with HTTPS enabled to test whether its true for HTTPS also.

Does using //www.example.com/test.js automatically pick the protocol based on the main document's protocol?

Answers:

Answer

http://paulirish.com/2010/the-protocol-relative-url/

has a great article regarding this very issue. Included here:

The protocol-relative URL

October 27th, 2010

Author : Paul Irish

There's this little trick you can get away with that'll save you some headaches:

<img src="//domain.com/img/logo.png">

If the browser is viewing that current page in through HTTPS, then it'll request that asset with the HTTPS protocol, otherwise it'll typically* request it with HTTP. This prevents that awful "This Page Contains Both Secure and Non-Secure Items" error message in IE, keeping all your asset requests within the same protocol.

*Of course, if you're viewing the file locally, it'll try to request the file with the file:// protocol.

We use this trick in the HTML5 Boilerplate for a clever request of jQuery off the Google CDN:

<script src="//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.js"></script>
<script>!window.jQuery && document.write(unescape('%3Cscript src="js/libs/jquery-1.4.2.js"%3E%3C/script%3E'))</script>

Technically, this is called a "network-path reference" according to RFC 3986. Oh and if you want to be truly correct, you'll use the term "scheme" instead of "protocol" when talking about URLs.

This trick also works fine in CSS:

.omgomg { background: url(//websbestgifs.net/kittyonadolphin.gif); }

… assuming the site you're pointing to has this asset available on both HTTP and HTTPS.

Caveat: When used on a <link> or @import for a stylesheet, IE7 and IE8 download the file twice. All other uses, however, are just fine.

Thx to miketaylr, ralphholzmann, annevk for smarts on this, and ajaxian, where I think I learned it like 4 years ago? maybe?

2011.01.23: But.. what about using this on the google analytics snippet? Yes of course, wouldn't that be nice.. So I worked with the Google Analytics javascript lead developer (God, I love working at google) to see if we could do this.. turns out we can't. There is an edgecase bug in IE6 that causes a dialog to blow up… under some security settings (unsure if they are default) when requesting form the non-'ssl' subdomain. screenshot here. So feel free to take 40 bytes off your GA snippet if you don't care about IE6.. otherwise you're gonna need that ternary operator. :)

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.