The JavaScript URL Extractor scans HTML source code and lists every JavaScript reference it can find, returning a clean set of URLs one per line. It reads the src of every script element and, when you want it, also captures inline javascript: links hidden in href attributes, so you see the full range of scripting entry points a page contains.
It is aimed at developers, security reviewers, and performance auditors who need to know exactly which scripts a page loads. Third-party tags for analytics, advertising, chat widgets, and tag managers accumulate quickly and can slow a page or introduce risk. Listing every script source in one place makes it easy to review what runs on a page and question anything unexpected.
Everything runs locally in your browser using JavaScript, with no upload and no server round trip. Paste your markup or upload an HTML file, choose whether to include inline javascript: links and whether to remove duplicates, then read the finished list. Because the work is local, confidential page source and internal script paths never leave your device.
Features
- Extracts the src URL from every script element so you capture each external file the page requests.
- Optionally captures inline javascript: links found in href attributes for a complete scripting audit.
- Removes duplicate URLs case-insensitively so a script referenced more than once appears only once.
- Decodes HTML entities in URLs so ampersands in query strings resolve to usable, readable links.
- Ignores commented-out markup so script tags inside HTML comments never appear in the results.
- Reports counts for external script sources, inline javascript: links, and total URLs returned.
- Exports the finished list to TXT, or copies it to your clipboard for a security or performance review.
How to use JavaScript URL Extractor
- Paste your HTML source into the input box, or upload an .html, .htm, or .txt file from your device.
- Enable include inline javascript: links if you want href-based script triggers listed as well.
- Turn on remove duplicates so a script referenced several times collapses into a single line.
- Read the one-per-line output listing every script source and, if enabled, javascript: link.
- Check the stats for external script sources, inline links, and the total URLs returned.
- Copy the list to your clipboard or export it as a TXT file for an audit or documentation.
Benefits
- Developers see exactly which external scripts a page loads without digging through the markup by hand.
- Security reviewers spot unexpected or untrusted third-party script sources that warrant investigation.
- Performance auditors count how many separate script files a page requests and where bloat comes from.
- Privacy teams inventory analytics and advertising tags to confirm what tracking a page includes.
- QA engineers verify that expected script bundles and vendor tags are present before release.
- Anyone reviewing untrusted HTML can list script URLs safely without executing any of the code.
Modern pages often load a surprising number of scripts once analytics, advertising, consent managers, chat widgets, and tag managers are added, and each of those can inject still more scripts at runtime. Getting a flat list of the script sources present in the delivered HTML is the first step in auditing that footprint, because it shows the requests the browser will make before any dynamic loading occurs and highlights vendors you may not have realised were on the page.
The optional javascript: link capture is aimed at older or hand-built pages where behaviour is wired through href attributes rather than event listeners. These inline links are worth surfacing during a security or accessibility review because they mix behaviour into navigation markup and can be easy to overlook. Leave the option off for a pure external-file inventory, and turn it on when you want every scripting entry point in one list.
Because the extractor parses HTML with regular expressions in your browser, it reads the URLs exactly as written in the source and never uploads anything, working even in server-side rendering contexts. It lists sources verbatim without resolving relative paths or following the scripts to see what they load next, so it reflects the static markup you provide. Combine it with the Image URL Extractor and Anchor Text Extractor for a full reference audit.