The following practice is fairly commonplace in the inline JavaScript I have to work with:

<script type=\"text/javascript\">
   <!--
       // Code goes here
   //-->
</script>

I know that the point is to prevent browsers that are incompatible with JavaScript from rendering the source, but is this still a best practice today? The vast majority of browsers used today can interpret JavaScript; even modern mobile devices usually don\'t have trouble.

As for the \'why not?\' question: I recently had to spend several hours debugging an issue where someone had left off the \'//\' in front of a \'-->\' at the end of a script tag buried deep in some pages, and this was causing mysterious JavaScript errors.

What do you do? Is this still considered a \'best practice?\'

The important thing is that nowadays, whether a particular browser supports JavaScript or not is irrelevant (clearly the great majority do) - it is irrelevant because almost all understand script blocks, which means that they know to ignore the JavaScript even if they can\'t interpret it.

Matt Kruse gives a slightly more detailed explanation on his JavaScript Toolbox site for why specifically not to use HTML comments within script blocks.

Quoted from that page:

Don\'t Use HTML Comments In Script Blocks

In the ancient days of javascript (1995), some browsers like Netscape 1.0 didn\'t have any support or knowledge of the script tag. So when javascript was first released, a technique was needed to hide the code from older browsers so they wouldn\'t show it as text in the page. The \'hack\' was to use HTML comments within the script block to hide the code.

Using HTML Comments In Script Is Bad

// DON\'T do this! Code is just representative on how things were done
<script language=\"javascript\">
<!--
   // code here
//-->
</script>

No browsers in common use today are ignorant of the <script> tag, so hiding of javascript source is no longer necessary. In fact, it can be considered harmful for the following reasons:

• Within XHTML documents, the source will actually be hidden from all browsers and rendered useless
• -- is not allowed within HTML comments, so any decrement operations in script are invalid

I\'ve stopped doing it. At some point you just have to let go of your NCSA Mosaic.

No, it is a hangover from a workaround used when the script element was first introduced. No browser fails to understand the script element today (even if it understands it as \"Script that should be ignored because scripting is turned off or unsupported\").

In XHTML, they are actively harmful.

I wrote something about the history of it a while back.

As per W3C Recommendation it was mainly useful to hide the script data from USER AGENTS.

Quoted from the W3c page :

Commenting scripts in JavaScript The JavaScript engine allows the string \"<!--\" to occur at the start of a SCRIPT element, and ignores further characters until the end of the line. JavaScript interprets \"//\" as starting a comment extending to the end of the current line. This is needed to hide the string \"-->\" from the JavaScript parser.

    <SCRIPT type=\"text/javascript\">
<!--  to hide script contents from old browsers
  function square(i) {
    document.write(\"The call passed \", i ,\" to the function.\",\"<BR>\")
    return i * i
  }
  document.write(\"The function returned \",square(5),\".\")
// end hiding contents from old browsers  -->
</SCRIPT>

Stopped using this a while back. Also, according to Douglas Crockford, you can drop the type attribute from your script tags since the only scripting language available in most browsers is JavaScript.

If you are typing manually, I suggest you always use external js files, that would help so much.

Regarding your concern: most browsers are JavaScript safe today. However sometimes people may write simple parsers to fetch a HTML directly - and I must say, the safe quote is really helpful for those clients. Also some non-JS clients like old Lynx would get benefits from this.

If you do not include literal text between script tags- that is, if you load scripts from src files, you can forget about the comments.

I would recommend using a CDATA section, as described in this question.

I stopped doing that ages ago. You really don\'t need it in this day and age.

I don\'t do it but the other day I went to validate my password protected site at w3c. So I had to use their direct input method. It complained about my javascript, so I put the comments back in everything was fine.