🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

simple-load-script

Package Overview
Dependencies
Maintainers
1
Versions
11
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

simple-load-script

Very simple promise based script and JSONP

latest
Source
npmnpm
Version
2.1.1
Version published
Weekly downloads
9.8K
49.35%
Maintainers
1
Weekly downloads
 
Created
Source

simple-load-script

Very simple promise based script loader and JSONP

.github/workflows/check.yml

Usage

Async/await

import simpleLoadScript from 'simple-load-script';

try {
    const scriptRef = await simpleLoadScript(
        'https://code.jquery.com/jquery-3.7.1.min.js',
    );

    console.log(scriptRef); // HTMLScriptElement
} catch (err) {
    console.log(err);
}

Promise

import simpleLoadScript from 'simple-load-script';

simpleLoadScript('https://code.jquery.com/jquery-3.7.1.min.js')
    .then(function (scriptRef) {
        console.log(scriptRef); // HTMLScriptElement
    })
    .catch(function (err) {
        console.log(err);
    });

Config object

import simpleLoadScript from 'simple-load-script';

try {
    const scriptRef = await simpleLoadScript({
        url: 'https://code.jquery.com/jquery-3.7.1.min.js',
        inBody: true,
        attrs: { id: 'one', charset: 'UTF-8' },
    });

    console.log(scriptRef); // HTMLScriptElement inBody with attrs present
} catch (err) {
    console.log(err);
}

Google Maps API

Runs global callback (window.gmapiready)

import simpleLoadScript from 'simple-load-script';

try {
    const scriptRef = await simpleLoadScript(
        '//maps.googleapis.com/maps/api/js?&callback=gmapiready',
    );

    console.log(scriptRef); // HTMLScriptElement
} catch (err) {
    console.log(err);
}

JSONP

Runs global callback (window.elo)

var simpleLoadScript = require('simple-load-script');

try {
    const scriptRef = await simpleLoadScript({
        url: '//api.ipinfodb.com/v3/ip-city/?format=json&callback=elo',
        removeScript: true,
    });

    console.log(scriptRef); // undefined
} catch (err) {
    console.log(err);
}

Array mode - objects and urls, callBackNames must have unique names

import simpleLoadScript from 'simple-load-script';

try {
    const scriptRefs = await simpleLoadScript([
        '//maps.googleapis.com/maps/api/js?&callback=gmapiready',
        {
            url: '//api.ipinfodb.com/v3/ip-city/?format=json&callback=elo',
            removeScript: true,
        },
        'https://code.jquery.com/jquery-3.7.1.min.js',
    ]);

    console.log(scriptRefs); // HTMLScriptElement[]
} catch (err) {
    console.log(err);
}

Arguments

Config | string | (Config | string)[]

Config

Interface

interface Config {
    url: string;
    attrs?: Record<string, string>;
    inBody?: boolean;
    insertInto?: string | null;
    removeScript?: boolean;
}

Default values

const defaultConfig = {
    url: '',
    attrs: {},
    inBody: false,
    insertInto: null,
    removeScript: false,
};
  • url - file to append to body
  • attrs - with attributes to append to script tag (charset, type, id, …)
  • inBody - append to document.body instead of document.head
  • insertInto - CSS selector (an ID, class name, element name, etc.) to insert the script into. Overrides inBody value.
  • removeScript - remove script tag after load; it's always removed on an error

Specific import

Check files or package.json

Changelog

View on github.

Misc.

  • uses addEventListener, Array.isArray, for…of, destructuring Promise & Promise.all

Keywords

script
promise
JSONP

FAQs

Package last updated on 12 Apr 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Deno 2.6 + Socket: Supply Chain Defense In Your CLI

Security News

Deno 2.6 + Socket: Supply Chain Defense In Your CLI

Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.

By Sarah Gooding  -  Dec 12, 2025