adding javascript widget code the right way

Question

I give customers javscript code that adds a widget to their website. Currently I ask them to paste this right above the </body> tag:

<script type="text/javascript">
var myHost = (("https:" == document.location.protocol) ? "https://" : "http://");
document.write(unescape("%3Cscript src='" + myHost + "www.mywebsite.com/mycode.js.php?u="+encodeURIComponent(window.location.host)+"' type='text/javascript'%3E%3C/script%3E"));
</script>

As you can see the code calls my script under http or https url depending on the page url.

Sometimes when a website html is not well formed the script can cause "operation aborted" bug on IE browsers.

I want to send customers code that will be attached to the <head> area.

1. How can I handle the http/https when calling code from head part?
2. Do you know if it will solve the operation aborted problem?

Answer 1

Just give them the HTTPS solution.

If their page is secure, it'll work fine; If not, there's nothing wrong with embedding a secure object in an insecure page.

<script type="text/javascript" src="https://www.mywebsite.com/mycode.js.php"&gt;&lt;/script&gt;

I can see you're passing the original domain in the querystring. You can fetch that from your JS code without the need for passing it through a GET parameter. You can check it using the document.referrer property.

Answer 2

It looks like Google handles their analytics code the exact same way (which I'm sure you know). What are you doing in your code? When I looked at the "operation aborted" link you provided it says as a solution to execute your code when the page has been loaded.

I'd recommend binding a function to the onload event and executing your DOM-manipulating code there.