First of all, the textattribute of the HTMLScriptElementis the preferred method to access the text of an inline <script>element. DOM-Level-2and HTML5: 4.11.1both indicate that a script should have an attribute textwhich contains the scripts interior text:

首先， 的text属性HTMLScriptElement是访问内联<script>元素文本的首选方法。DOM-Level-2和HTML5: 4.11.1都表明脚本应该有一个text包含脚本内部文本的属性：

The IDL attribute textmust return a concatenation of the contents of all the Text nodes that are children of the scriptelement (ignoring any other nodes such as comments or elements), in tree order. On setting, it must act the same way as the textContentIDL attribute.

IDL 属性text必须script以树顺序返回作为元素子元素的所有 Text 节点的内容的串联（忽略任何其他节点，例如注释或元素）。在设置时，它必须以与textContentIDL 属性相同的方式起作用。

Since the <script>element is empty (you specified an external source), text, textContentand innerHTMLare empty. This is because the textattribute is only set in inline scripts:

由于<script>元素为空（您指定了外部源）text，textContent和innerHTML为空。这是因为该text属性仅在内联脚本中设置：

If the script is inline and the script block's type is a text-based language:

The value of the textIDL attribute at the time the element's "already started" flag was last set is the script source.

如果脚本是内联的并且脚本块的类型是基于文本的语言：

text上次设置元素的“已启动”标志时 IDL 属性的值是脚本源。

So it's not possible to include an external text/plainusing this method.

所以不可能text/plain使用这种方法包含外部。

See also:

也可以看看：

• W3C: HTML5: 4.11.1 The script element: text attributeand the example for the game map:

  <script src="game-engine.js"></script> <!-- game engine isn't inline -->
  <script type="text/x-game-map"> <!-- but data needs to be inline -->
  ........U.........e
  o............A....e
  .....A.....AAA....e
  .A..AAA...AAAAA...e
  </script>
  

• W3C：HTML5：4.11.1 脚本元素：文本属性和游戏地图示例：

  <script src="game-engine.js"></script> <!-- game engine isn't inline -->
  <script type="text/x-game-map"> <!-- but data needs to be inline -->
  ........U.........e
  o............A....e
  .....A.....AAA....e
  .A..AAA...AAAAA...e
  </script>
  

Note that if this were supported, it would provide a huge security hole and a means of getting around cross-site scripting protections that protect json and other data. Essentially, my nasty web page (nasty.com, say) could access your private data that's protected by cookies by loading it using a script tag. e.g.

请注意，如果支持此功能，它将提供一个巨大的安全漏洞和一种绕过保护 json 和其他数据的跨站点脚本保护的方法。本质上，我讨厌的网页（例如nasty.com）可以通过使用脚本标签加载来访问受cookies 保护的私人数据。例如

<script type="text/plain" 
       src="https://supersecure.com/youraccount/privatedocs/list"/>

Since the cookies for supersecure.com will automatically be sent with the request (as is the case when requesting any resources), the secure site just returns the data (e.g. the list of private docs) since it couldn't easily tell the request apart from one from an ajax request from its legitimate webpage. This hole doesn't exist with ajax, since the browser will simply prevent a page from nasty.com from making an ajax request to supersecure.com, thanks to the same origin policy.

由于 supersecure.com 的 cookie 将自动与请求一起发送（就像请求任何资源时的情况一样），安全站点只返回数据（例如私有文档列表），因为它不能轻易区分请求来自其合法网页的ajax请求之一。ajax 不存在这个漏洞，因为浏览器将简单地阻止来自 nasty.com 的页面向 supersecure.com 发出 ajax 请求，这要归功于同源策略。

Obviously, there's no security problem with inline data.

显然，内联数据不存在安全问题。

After several days of researching the same question, I found several references to the following code:

经过几天对同一问题的研究，我发现了对以下代码的几个引用：

<html>
<head>
  <script type="text/javascript">
    function init() {
      var extText = window.frames.messageTxt.document.body.lastChild.lastChild.data;
      extText = extText.replace(/[\r\n]/g, " ");
      document.forms[0].nMessage.value = extText;
    }
    window.onload = init;
  </script>
</head>
<body>
  <iframe name="messageTxt" src="txtData.txt" style="display:none"></iframe>
  <form>
    <textarea name="nMessage"></textarea>
    <input type="button" value="click" onClick="init()">
  </form>
</body>
</html>

The above code does actually access the txtData.txt file (provided it exists) and dumps it into a <textarea>as the default text. For some reason, none of the above responses mention that this works, I assume because the question seems to imply the <src>tag specifically (for a similar technique may not be available; I have not checked); however, I still think it is worth mentioning supposing your query pretains to the more general question of obtaining an external .txt file (or if anyone else who comes across this page is seeking said question's anwser), mostly because it took me hours researching it, so I believe it plausible that the answer was simply hard to produce.

上面的代码确实访问了 txtData.txt 文件（假设它存在）并将其转储到 a<textarea>作为默认文本。出于某种原因，上面的回答都没有提到这是有效的，我假设是因为这个问题似乎<src>特别暗示了标签（对于类似的技术可能不可用；我没有检查过）；但是，我仍然认为值得一提的是，假设您的查询涉及获取外部 .txt 文件的更普遍的问题（或者如果遇到此页面的其他人正在寻找所述问题的答案），主要是因为我花了几个小时研究它，所以我相信答案很难产生是有道理的。

Yeah, no I don't think you can get the text content like that. It's mainly because you're going to use dom access elements to get some text that was never really injected into the dom itself.

是的，不，我认为您无法获得那样的文本内容。这主要是因为您将使用 dom 访问元素来获取一些从未真正注入 dom 本身的文本。

I tried a few options and they didn't work. I don't have a solid reason why you won't be able to find it, but the reason why i'm giving up / thinking like this is because even the WebKit inspector that i'm using doesn't have a triangle disclosure next to a script-src tag. What it does do is that it converts the src into a link that you can click on and then it uses Ajax or whatever to read that text back from the server.

我尝试了几个选项，但它们都不起作用。我没有充分的理由为什么你找不到它，但我放弃/这样思考的原因是因为即使我使用的 WebKit 检查器也没有三角形披露在 script-src 标签旁边。它所做的是将 src 转换为您可以单击的链接，然后它使用 Ajax 或其他任何方式从服务器读取该文本。