Link and execute external JavaScript file hosted on GitHub

javascript github

When I try to change the linked reference of a local JavaScript file to a GitHub raw version my test file stops working. The error is:

Refused to execute script from ... because its MIME type (text/plain) is not executable, and strict MIME type checking is enabled.

Is there a way to disable this behavior or is there a service that allows linking to GitHub raw files?

Working code:

<script src="bootstrap-wysiwyg.js"></script>

Non-working code:

<script src="https://raw.github.com/mindmup/bootstrap-wysiwyg/master/bootstrap-wysiwyg.js"></script>

There is a good workaround for this, now, by using jsdelivr.net.

Steps:

  1. Find your link on GitHub, and click to the "Raw" version.
  2. Copy the URL.
  3. Change raw.githubusercontent.com to cdn.jsdelivr.net
  4. Insert /gh/ before your username.
  5. Remove the branch name.
  6. (Optional) Insert the version you want to link to, as @version (if you do not do this, you will get the latest - which may cause long-term caching)

Examples:

http://raw.githubusercontent.com/<username>/<repo>/<branch>/path/to/file.js

Use this URL to get the latest version:

http://cdn.jsdelivr.net/gh/<username>/<repo>/path/to/file.js

Use this URL to get a specific version or commit hash:

http://cdn.jsdelivr.net/gh/<username>/<repo>@<version or hash>/path/to/file.js

For production environments, consider targeting a specific tag or commit-hash rather than the branch. Using the latest link may result in long-term caching of the file, causing your link to not be updated as you push new versions. Linking to a file by commit-hash or tag makes the link unique to version.

Why is this needed?

In 2013, GitHub started using X-Content-Type-Options: nosniff, which instructs more modern browsers to enforce strict MIME type checking. It then returns the raw files in a MIME type returned by the server, preventing the browser from using the file as-intended (if the browser honors the setting).

For background on this topic, please refer to this discussion thread.


This is no longer possible. GitHub has explicitly disabled JavaScript hotlinking, and newer versions of browsers respect that setting.

Heads up: nosniff header support coming to Chrome and Firefox


rawgithub.com redirects to rawgit.com So the above example would now be

http://rawgit.com/user/package/master/link.min.js

Related

Android: combining text & image on a Button or ImageButton
Scroll Automatically to the Bottom of the Page
Database development mistakes made by application developers [closed]
How do I create a folder in a GitHub repository?
Is it better to call ToList() or ToArray() in LINQ queries?
How do I "git blame" a deleted line?
What is the difference between "screen" and "only screen" in media queries?
How do I escape ampersands in XML so they are rendered as entities in HTML?
TypeScript getting error TS2304: cannot find name ' require'
How to disable mouse scroll wheel scaling with Google Maps API
App.Config Transformation for projects which are not Web Projects in Visual Studio?
Docker - Name is already in use by container