Something that's been bugging me recently is the use of HTML5 data attributes and when is the appropriate to use them.
Typically, on a page that performs a number of AJAX calls to my server, I require the ID
that is representative of the page being viewed. I've currently been storing this in a hidden <input>
element on the page, which is then accessed and stored in a JS variable at the top of my jQuery doc ready call.
I've been considering moving it to a data-id
attribute on the body element, which I then would access in jQuery using $('body').data('id');
.
Is there any advantages to using HTML5 data atttributes or visa versa? Performance? Security? "Best-Practices"?
It's my understanding that data attributes are accessible by all browsers so dealing with IE isn't a concern.
The <input type="hidden"> defines a hidden input field. A hidden field let web developers include data that cannot be seen or modified by users when a form is submitted.
Since they are not rendered visible, hidden inputs are sometimes erroneously perceived as safe. But similar to session cookies, hidden form inputs store the software's state information client-side, instead of server-side. This makes it vulnerable.
The value of the hidden input is that it keeps the secret associated with the data and automatically includes it when the form is sent to the server. You need to use well-designed secrets to actually secure your website.
The hidden attribute is a boolean attribute. When present, it specifies that an element is not yet, or is no longer, relevant.
One of the main drawbacks is accessibility.
Since those attributes aren't submitted to the server in POSTs, you'll need to keep in mind what happens in JavaScript-disabled browsers. If your page should also be able to degrade gracefully and perform those same AJAX-requested features via traditional form submissions if necessary, a hidden field will still be required.
That said, I'm a big fan of data- attributes when they make sense, especially in strictly "application" type sites where you can safely mandate JavaScript. It's a lot nicer to tag a table row with a data-id attribute than stuff a hidden field in one of its cells, for example. Especially coupled with jQuery's nice data- attribute support for the .data()
method, that makes for clean, intuitive code in situations where hidden fields can be a bit messy.
Here's my take:
input
s are meant to be used in forms as a way of passing data back to the server without making it visible, or editable, on the page.data-
attributes are meant to convey information about an element to JavaScript on the page.Based on that, a data-
attribute on the html
or body
element would seem most appropriate.
An alternative, albeit less-semantic, solution is to serialize your page metadata as JSON and use a script
tag to set it as global variable on the page. You can see this in action on, for instance, GitHub repositories, where a global GitHub
object is created near the top of the page and some information (the repo name, the current branch, the latest commit) is added to it for easy access.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With