With this I can generate a like button :D
<script>(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook/en_US/all.js#xfbml=1";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>
but why is it not
js.src = "some protocol://connect.facebook/en_US/all.js#xfbml=1";
Why no specific the protocol?
With this I can generate a like button :D
<script>(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook/en_US/all.js#xfbml=1";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>
but why is it not
js.src = "some protocol://connect.facebook/en_US/all.js#xfbml=1";
Why no specific the protocol?
Share Improve this question edited Dec 31, 2019 at 8:37 mplungjan 178k28 gold badges181 silver badges240 bronze badges asked Feb 12, 2013 at 12:35 Ser1Ser1 555 bronze badges 1- Possible duplicate of Is it valid to replace http:// with // in a <script src="http://...">? – T.Todua Commented Dec 1, 2016 at 17:51
5 Answers
Reset to default 8That’s a helpful trick which allows you to use a single reference that works on both HTTP and HTTPS pages. When a URL’s protocol is omitted, the browser uses the underlying document’s protocol instead.
On a page loaded through regular, unencrypted HTTP, script references using that URL will be loaded via HTTP and be cached as normal. Likewise, on a secure page that was loaded via HTTPS.
Thus, using the protocol-less URL allows a single script reference to adapt itself to what’s most optimal: HTTP and it’s full caching support on HTTP pages, and HTTPS on secured pages so that your users aren’t confronted with a mixed content warning.
Source: http://encosia./cripple-the-google-cdns-caching-with-a-single-character/
It's a little trick called protocol-relative URL that "save you some headaches".
not specifying a protocol makes sure that the same protocol used in the initiating request is assumed also for the request of the script file.
if you request via http, the script will be loaded via https, etc..
Why no specific the protocol?
Because omitting the scheme part of an URL tells the client to use the protocol he has already been using the request the document this resource is embedded into.
In this case, it allows the browser to choose http:// or https://, depending on whether the document itself was loaded via “normal” HTTP or HTTPS.
When the protocol is omitted, the browser assumes either http or https in accordance with the current page's protocol. This allows for the inclusion of external resources without worrying about security warnings.
Of course, for this to work the path of the external resource must be available in the current page's protocol.