Is it "safe" to use schemeless protocol URIs on public websites? Ex. //www.example.com/dir/file [duplicate]

This question already has answers here: Can I change all my http:// links to just //? (7 answers) Closed 8 years ago.

In HTML when referencing images, css, javascript, etc... I sometimes use links without the http or https scheme portion, à la. <img src="//www.example.com/dir/file.gif" alt="" /> and I haven't had any browsers choke on i开发者_如何学Got yet (that I know of). I've seen a few other public sites use it as well, but not many.

I even reference the Google jQuery CDN with this syntax on an e-commerce site:

<script src="//ajax.googleapis.com/ajax/.." type="text/javascript"></script>

Obviously, I only do this when I know the server has both http and https capabilities. (Usually my own sites)

So my question is what harm can this cause? What are the pitfalls or downsides?

---

A recent blog answered my question and sent me off to a couple places to learn more.

• IE 7/8 double downloads stylesheets
• The RFC describing "network path reference"

The answer is most definitely yes as long as you are aware of two things:

1. The server with your content needs to be accessible with and without SSL (should be obvious)
2. IE 7/8 will request stylesheets twice so you might want to avoid using the technique for stylesheets

---

It will not harm anyway. Actually, if you write src="http://ajax.googleapis.com/ajax/.. and your user will browse site over HTTPS then browser will warn user that parts of the site uses HTTP. It is better to use // notation for such cases.

---

This may not apply in this specific case, however one of the pattern we're using for our mobile apps development is to download the HTML locally to the device and render it in a web control. scripts using schemeless URL will not work as mentioned above.