Why Protocol-Relative URLs are Considered Anti-Pattern?
It's because protocol-relative URLs may resolve the resource to use HTTP
or HTTPS
depending on the server configuration and/or how the page was accessed. Since HTTP
is not secure, it is not recommended to use it anymore; the recommendation now is to use HTTPS
instead (as it is far more secure than using HTTP
). Besides security implications of using HTTP
, it may also not be future-proof, as many new features might only work if SSL is enabled. Therefore, it makes little sense to use protocol-relative URLs or HTTP
moving forward.
Why Were Protocol-Relative URLs Used?
Using protocol-relative URLs provided a convenient way to resolve to either HTTP
or HTTPS
, for example by creating a link in an HTML document without a specific protocol like so:
<a href="//example.com/some/resource">Example</a>
The above resource would resolve to either http://example.com/some/resource
or https://example.com/some/resource
depending on whether the website was accessed with HTTP
or HTTPS
.
Prior to using protocol-relative URLs, there were situations where a website might be accessed over one protocol but might be loading some resources over another protocol. For instance, when a website may have been served over HTTPS
but static assets were loaded over HTTP
. In such cases, the browsers would complain about websites loading mixed content. Therefore, protocol-relative URLs became a popular solution for such scenarios, and were widely used at one point.
Hope you found this post useful. It was published . Please show your love and support by sharing this post.