JavaScript – What Does Google Mean by ‘Don’t Copy and Paste This Code’?

googlejavascript

Here is an excerpt from code from Google's recaptcha API (https://www.google.com/recaptcha/api.js):

/* PLEASE DO NOT COPY AND PASTE THIS CODE. */
(function() {
    if (!window['___grecaptcha_cfg']) { 
        window['___grecaptcha_cfg'] = {}; 
    };
    if (!window['___grecaptcha_cfg']['render']) { 
        window['___grecaptcha_cfg']['render'] = 'onload'; 
    };
    window['__google_recaptcha_client'] = true;
    var po = document.createElement('script'); 
    po.type = 'text/javascript'; 
    po.async = true;
    po.src = 'https://www.gstatic.com/recaptcha/api2/r20160314182818/recaptcha__it.js';
    var s = document.getElementsByTagName('script')[0];
    s.parentNode.insertBefore(po, s);
})();

Why does Google recommend not to copying and pasting this code? Is it because they would lose tracking information?

I think that the code inserts a script on the page. To avoid another connection it would be useful to copy and paste the code directly. Is this ok?

Best Answer

Note the po.src line: r20160314182818 looks to be a timestamp, so in this case it's probably giving you the version that was deployed on 3/14/2016 at 6:28:18 PM.

I suspect that the it bit means you are getting the Italian version, which means you are getting a version of api.js based on your physical location. Your profile mentions you are Italian, so I taken this as confirmation.

Note that when I follow the link above from California, that line looks like this:

 po.src = 'https://www.gstatic.com/recaptcha/api2/r20160314182818/recaptcha__en.js'

What this means in general is that Google is deploying changes to this API very often (given that the deployed version is only nine days old) and based on the user's location. This is likely done because captchas are a direct target for reverse engineering by people looking to automate whatever process the captcha protects and because captchas may have culturally significant features.

If you copy paste this code, it means:

You will be using a frozen codebase, and therefore not get any benefit of any changes Google might make.
You are forcing users worldwide to use a version meant for a particular locale. Perhaps your Japanese users will have problems with captchas designed for Italians.
If Google decides to remove that particular revision, your code will completely break.

When using any API, it is very important to always stick to the public API and never use anything private for reasons such as this.

Related Solutions

JavaScript – What Does Bubbling Mean in This Context?

Bubbling is an event flow mechanism in the DOM where events that are designated as "bubbling" (such as your click event), after being dispatched to their target, follow the target's parent chain upwards, checking for and triggering any event listeners registered on each successive target.

In other words, given a DOM like this:

<div id="foo">
  <div id="bar">
    <a href="/something">Click Target!</a>
  </div>
</div>

The click event that is triggered when the anchor is clicked will bubble up through the chain, triggering any click handlers on div#bar and div#foo on the way up.

ASM.js – What It Means for Developers and Users

You already described what it is. The use is that it's a low-level language that works across all browsers, is quite fast in most and very fast in some. What you make of this is as open-ended as what you do with any other programming language.

The use case Mozilla seems most keen on is this: There are already ways of compiling languages with LLVM backends (most prominently C and C++) to JavaScript, via Emscripten. asm.js is very close to what Emscripten already emits, so this allows Emscripten code (which is already impressively fast on today's JavaScript JIT compilers) to become even faster, furthering the goal of porting existing code bases to the web. Again, what exactly you use this for is your decision. Porting games is one use cases (which Mozilla is apparently actively involved in), but there are countless things written in C and C++, quite a few of which might come in handy for someone's web site. Some I've seen flung around (plus some of my own devising), with no guarantee regarding feasibility:

Porting general-purpose algorithms (e.g. zlib, libjpeg, openssl, FFT implementations) to empower JavaScript/websites to do more, without having to create a new web standard and depending on individual browsers to implement it.
Porting interpreters, so that languages other than JavaScript can run in the browser, with less overhead and minimal porting effort.
Using asm.js as a backend for more compilers, especially those that don't map well to JavaScript and don't need most of its features and overhead. An example could be a language designed for fast numeric work with no memory allocation.
Using asm.js to create a JIT in JavaScript. It may implement any language at all -- for example ActionScript.
In the same vein, porting existing JIT compilers to run in the browser (cf. porting interpreters, with effectively nil overhead over JS). This is probably only feasible when JIT compilers are automatically generated, as with PyPy.

Best Answer

Related Solutions

JavaScript – What Does Bubbling Mean in This Context?

ASM.js – What It Means for Developers and Users

Related Topic