template::add_body_script (public)

 template::add_body_script [ -async ] [ -charset charset ] \
    [ -crossorigin crossorigin ] [ -defer ] [ -integrity integrity ] \
    [ -script script ] [ -src src ] [ -type type ]

Defined in packages/acs-templating/tcl/head-procs.tcl

Add a script to the start of the body section of the document to be returned to the users client. You must supply either src or script.

Switches:
-async (optional, boolean)
whether execution of the script should be executed asynchronously as soon as it is available
-charset (optional)
the charset attribute of the script tag, i.e. the character set of the script if it differs from the main document
-crossorigin (optional)
Enumerated attribute to indicate whether CORS (Cross-Origin Resource Sharing) should be used
-defer (optional, boolean)
whether execution of the script should be deferred until after the page has been loaded
-integrity (optional)
provide hash values for W3C Subresource Integrity recommendation
-script (optional)
the inline script for the body of the script tag. This parameter will be ignored if a value has been supplied for src
-src (optional)
the src attribute of the script tag, i.e. the source url of the script
-type (optional, defaults to "text/javascript")
the type attribute of the script tag, e.g. 'text/javascript'

Partial Call Graph (max 5 caller/called nodes):
%3 test_templates_and_scripts templates_and_scripts (test acs-templating) template::add_body_script template::add_body_script test_templates_and_scripts->template::add_body_script test_xowiki_test_cases xowiki_test_cases (test xowiki) test_xowiki_test_cases->template::add_body_script security::csp::require security::csp::require (public) template::add_body_script->security::csp::require template::head::require_csp template::head::require_csp (private) template::add_body_script->template::head::require_csp Class ::xowiki::formfield::FormField Class ::xowiki::formfield::FormField (public) Class ::xowiki::formfield::FormField->template::add_body_script Class ::xowiki::includelet::personal-notification-messages Class ::xowiki::includelet::personal-notification-messages (public) Class ::xowiki::includelet::personal-notification-messages->template::add_body_script Object ::xo::api Object ::xo::api (public) Object ::xo::api->template::add_body_script ad_html_text_convert ad_html_text_convert (public) ad_html_text_convert->template::add_body_script anchor_form anchor_form (public) anchor_form->template::add_body_script

Testcases:
templates_and_scripts, xowiki_test_cases
Source code:

    if {$defer_p} {
        set defer defer
    } else {
        set defer ""
    }
    if {$async_p} {
        set async async
    } else {
        set async ""
    }

    if {$src eq "" && $script eq ""} {
        error "You must supply either -src or -script."
    }

    if {$script ne ""} {
        #
        # We have an inline script.
        #
        # For the time being, not all browsers support
        # nonces. According to the specs the added 'unsafe-inline',
        # is ignored on browsers supporting nonces.
        #
        # We could restrict setting of unsafe-inline to certain
        # browsers by checking the user agent.
        #
        security::csp::require script-src 'unsafe-inline'
    } else {
        #
        # Replace potential URN in src with resolved value
        #
        set key ::template::head::urn($src)
        if {[info exists $key]} {
            template::head::require_csp $::template::head::urn_csp($src)
            set src [set $key]
        } elseif {[string match urn:* $src]} {
            ns_log error "URN <$src> could not be resolved"
        }
    }

    lappend ::template::body_scripts $type $src $charset $defer $async $script $crossorigin $integrity
XQL Not present:
Generic, PostgreSQL, Oracle
[ hide source ] | [ make this the default ]
Show another procedure: