All text JavaScript types are deprecated according to RFC 4329

[ExE-Boss]

RFC 4329 deprecated all text JavaScript types, so that should probably be mentioned in the specification (but they still have to be parsed as valid JavaScript types, as legacy websites tend to use type/javascript).

This probably also applies to application/x-javascript and application/x-ecmascript, as they use the x- prefix, usage of which is deprecated according to RFC 6838.

[sideshowbarker]

Browser engines don’t follow RFC 4329 on this. Instead they use text/javascript; see for example https://html.spec.whatwg.org/multipage/scripting.html#script-processing-model:the-script-element-24

The other relevant normative standard here is the HTML spec, which says:

https://html.spec.whatwg.org/multipage/scripting.html#scriptingLanguages

Servers should use text/javascript for JavaScript resources. Servers should not use other JavaScript MIME types for JavaScript resources, and must not use non-JavaScript MIME types.

So if any change is to be made for this to the MIME Sniffing standard, it seems it should be updated to align with what the HTML specs — that is, it should say all JavaScript MIME types other than text/javascript should not be used.

[annevk]

That RFC is being updated too with one that obsoletes all types except for text/javascript, as I understand it: https://github.com/bmeck/I-D.

[ExE-Boss]

We prefer application/json and application/xml over text/json and text/xml, so why exactly are the JavaScript media types treated differently with text/javascript being preferred over application/javascript?

Is it really just for legacy, outdated and full-of-vulnerabilities browsers that no‑one in their right mind should be using in 2018?

Because last I checked, all modern browsers treat application/javascript and text/javascript identically, and the only difference between text/ and application/ is that text/ types can be loss‑lessly converted between different UTF forms (or other encodings) during transmission, but that doesn’t apply to any other tree (including application/).

[annevk]

I don't really understand the preference for application/xml. I don't think text/json was ever official, but that seems like a better fit too.

[annevk]

Since this kind of thing doesn't really affect the MIME Sniffing Standard I'm going to close this. It seems this can be decided upon and documented elsewhere. If we were ever to canonicalize I'd strongly suspect we'd use text/javascript given its long history in HTML and its general consistency with CSS and HTML MIME types.