 

Why don't browsers throw an error when any other word is used in place of 'javascript' in the value of onclick?

I inherited a website, and just came across this curiosity:

<a href="/delete"  onClick="jamoscript:return confirm('Do you really want to do that?');">Delete all</a> 

I can display the page containing it and click the link to get the confirmation dialog box exactly the same as I do when I change "jamoscript" to "javascript". No diagnostics are displayed in the Firebug console, either when the page is loaded or when the link is clicked. What the hey? Googling for jamoscript doesn't turn up anything interesting.

Can anybody explain this behavior?

sootsnoot asked Dec 22 '14 16:12


1 Answer

The string value of an "onclick" attribute is taken to be simple JavaScript code. JavaScript includes provisions for labeled statements, so that code is a return statement with the label "jamoscript". In other words, this:

jamoscript: return confirm("Do you really want to hurt me?"); 

is perfectly legal JavaScript. Labels aren't used much, so they're unfamiliar.

The only context in which the "javascript:" prefix matters is when a URL is expected, as is the case with the "href" attribute of <a> tags.

Pointy answered Oct 11 '22 23:10

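The distinction drawn in the answer above, as an added example that is not part of the original answer: the same `word:` prefix is a statement label when the text is compiled as an event-handler body, and a URL scheme when the text is parsed as an `href`. The function names, the `confirm` stub and the `example.test` base URL are assumptions made for the illustration.

```javascript
// Added example (not from the original answer). Runs in Node or a browser console.

// An inline handler's text is compiled as a function body. `confirmStub` stands
// in for window.confirm so the handler can run outside a browser (assumption).
function runHandler(attrValue, confirmStub) {
  const handler = new Function("event", "confirm", attrValue);
  return handler({ type: "click" }, confirmStub);
}

// Heuristic: report a leading `identifier:` statement label in handler text.
function leadingLabel(attrValue) {
  const m = /^\s*([A-Za-z_$][\w$]*)\s*:/.exec(attrValue);
  return m ? m[1] : null;
}

// In a URL attribute the same prefix is parsed as a scheme instead.
// The base URL is a constructed placeholder.
function hrefKind(attrValue, base = "https://example.test/page") {
  const { protocol } = new URL(attrValue, base);
  if (protocol === "javascript:") return "script";
  if (protocol === "http:" || protocol === "https:") return "navigation";
  return "unhandled scheme " + protocol;
}

// Run the question's handler text with no prefix, "javascript:" and "jamoscript:".
function demo() {
  const body = "return confirm('Do you really want to do that?');";
  const results = {};
  for (const prefix of ["", "javascript:", "jamoscript:"]) {
    results[prefix || "(none)"] = {
      label: leadingLabel(prefix + body),
      handlerReturns: runHandler(prefix + body, () => true),
      asHref: hrefKind(prefix + body),
    };
  }
  return results;
}

console.log(demo());
```

All three handler variants return the stub's value, while only the `javascript:` form is classified as script when treated as an `href`.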