over unencrypted connections. 2. Browsers accept whatever happens to live at a URL as canonical. 3. Browsers load any and all resources a page requests.
class="clckr">Click me!</a> <!-- clickHandler.js --> function handleClick() { ... } function init() { for (var e in document.querySelectorAll('.clckr')) e.addEventListener('click', handleClick); }
<script nonce="THIS-IS-A-RANDOM-NONCE"> function handleClick() { ... } function init() { var e; for (e in document.querySelectorAll('.clckr')) e.addEventListener('click', handleClick); } </script>
<script> function handleClick() { ... } function init() { var e; for (e in document.querySelectorAll('.clckr')) e.addEventListener('click', handleClick); } </script>