This support article explains what a self-hosted JavaScript deployment is in Schema App, when organizations may require it, and how it compares to standard deployment methods. Self-hosted JavaScript deployment is when a client serves Schema App’s highlight.js file from their own infrastructure instead of Schema App’s CDN. This approach is particularly relevant for organizations with strict security, compliance, or infrastructure requirements (e.g. financial services, healthcare, enterprise IT governance).
This article provides the conceptual and strategic context needed to understand when self-hosting is appropriate, how it compares to other deployment methods, and what considerations should be evaluated before choosing this approach.
Read this article to better understand:
- When self-hosting is appropriate,
- The tradeoffs involved,
- How it fits into Schema App’s broader deployment options.
TABLE OF CONTENTS
What is Self Hosted JavaScript?
A self-hosted JavaScript deployment is a method where the highlight.js file used to generate and deploy structured data is stored and served directly from the client’s own servers, rather than being loaded from Schema App’s CDN.
Functionally, the deployment behaves the same as a standard JavaScript integration—generating and injecting JSON-LD structured data on page load—but shifts control of script delivery to the client’s infrastructure.
Why do organizations request self-hosted JavaScript?
Schema App primarily deploys structured data using a JavaScript library (highlight.js), typically served via Schema App’s CDN for ease of implementation and maintenance. However, your organization may require greater control over third-party scripts. If needed, Schema App's scripts are available for teams to self-host the JavaScript file within their own infrastructure.
Self-hosting is most commonly driven by organizational policies rather than technical limitations. Approrpiate scenarios include:
- Strict security policies limiting third-party CDN usage
- Regulated industries (e.g. finance, healthcare, government)
- Internal requirements for script auditing and version control
- Data governance policies requiring full control over hosted assets
How does it differ from standard JavaScript deployment?
In a standard deployment, Schema App’s highlight.js is loaded asynchronously from a CDN, enabling immediate updates and minimal implementation overhead.
In a self-hosted model:
- The client downloads and hosts the highlight.js file
- The script is served from their own domain or infrastructure
- Updates must be manually managed by the client
Key Differences at a Glance
- CDN-hosted: Automatically updated, minimal maintenance
- Self-hosted: Greater control, increased operational responsibility
How does this fit into Schema App’s deployment architecture?
Schema App supports multiple deployment methods, with JavaScript being the most common due to its flexibility and real-time updates. Self-hosted JavaScript is a variation of this method, designed to meet stricter infrastructure requirements while maintaining the benefits of dynamic markup generation.
For more information on JavaScript, read the Overview: Schema App JavaScript Deployment knowledge base article.
What are the Benefits, and Tradeoffs or Considerations of Self-Hosting
If there is no strict requirement to use JavaScript, you may want to weigh more of the pros and cons. Any custom coded solution will require additional developmer support to maintain. For most customers, the standard CDN-hosted JavaScript deployment remains the recommended approach.
Benefits
- Security compliance: Avoids reliance on external CDNs
- Infrastructure control: Scripts are managed within internal systems
- Auditability: Easier to review and approve deployed code
Tradeoffs and Considerations
Manual updates: Clients must update highlight.js to access new features or fixes
- Increased implementation effort: Requires coordination with development teams
- Potential delays: Updates may lag compared to CDN-hosted deployments
Security FAQ
This section addresses common security and compliance questions raised during enterprise evaluations.
Does Schema App’s JavaScript collect or transmit sensitive data?
No. The highlight.js script is designed to generate structured data based on on-page content. It does not collect personally identifiable information (PII) or track users.
Why would a security team restrict CDN-hosted scripts?
Some organizations limit third-party CDN usage to reduce risk exposure, enforce stricter change control, and ensure all scripts are reviewed and approved internally.
Does self-hosting improve security?
Self-hosting does not inherently make the script more secure, but it allows organizations to align with internal security policies by controlling how and where the script is served.
What are the risks of self-hosting?
- Outdated scripts if updates are not maintained
- Missed security patches or feature improvements
- Increased reliance on internal processes for maintenance
Does self-hosting affect how Schema App accesses data?
No. Schema App still requires access to its APIs and services for configuration, markup generation, and reporting. This is typically enabled through whitelisting.
Conclusion Section
Self-hosted JavaScript deployments provide a flexible option for organizations that require full control over script delivery, particularly in regulated environments. However, this approach introduces additional operational responsibility and should generally be used only when required by internal policies.
For implementation details, refer to the step-by-step guide:
How to: Set up a self-hosted JavaScript Deployment
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article