fix(assets): set js content-type on dev bundled asset handler

[harlan-zw]

Summary

• Dev handler at packages/script/src/assets.ts returned a Buffer without a Content-Type header, so Firefox rejected bundled scripts (/_scripts/assets/<hash>.js) with MIME type ("") is not a valid JavaScript MIME type.
• Set application/javascript; charset=utf-8 explicitly before returning content.

Closes part of #746 (the dev-side MIME warning). The production /_nuxt/*.js being served as application/json reported in that issue is unrelated, that's a reverse-proxy/CDN misconfiguration on the user's side.

Test plan

• Run a playground script with bundle: true in dev, confirm /_scripts/assets/*.js now responds with content-type: application/javascript; charset=utf-8.
• Verify Firefox no longer logs the MIME warning.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
scripts-playground	Ready	Preview, Comment	May 7, 2026 4:41am

[coderabbitai]

📝 Walkthrough

Walkthrough

The change adds an import for setHeader from the h3 library and uses it in the dev server handler to explicitly set the content-type response header to application/javascript; charset=utf-8 when serving the bundled script asset through the proxy route.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely describes the main change: setting the JavaScript content-type header on the dev bundled asset handler, matching the core fix in the changeset.
Description check	✅ Passed	The description is directly related to the changeset, explaining the issue (missing Content-Type header causing Firefox MIME errors), the solution (setting the header to application/javascript; charset=utf-8), and providing a test plan.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/dev-asset-mime-type

Warning

Review ran into problems

🔥 Problems

Git: Failed to clone repository. Please run the @coderabbitai full review command to re-trigger a full review. If the issue persists, set path_filters to include or exclude specific files.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (2)

packages/script/src/assets.ts (2)

61-61: 💤 Low value

Consider text/javascript — the current IANA-registered standard MIME type.

application/javascript now carries the IANA note "OBSOLETED in favor of text/javascript" per RFC 9239 (May 2022). That said, browsers still have to accept all JavaScript MIME types, so this won't break anything — but servers should send text/javascript for forward compliance.

♻️ Proposed change

-        setHeader(event, 'content-type', 'application/javascript; charset=utf-8')
+        setHeader(event, 'content-type', 'text/javascript; charset=utf-8')

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/script/src/assets.ts` at line 61, The response sets the JavaScript
MIME type to application/javascript; update the header in the setHeader call to
use the IANA-preferred text/javascript with charset by changing the value passed
to setHeader(event, 'content-type', ...) from 'application/javascript;
charset=utf-8' to 'text/javascript; charset=utf-8' so the setHeader invocation
uses the forward-compatible MIME type.

---

61-61: 💤 Low value

Consider using text/javascript — the current IANA standard for JavaScript MIME types.

Per RFC 9239 (May 2022) and IANA's official registration, text/javascript is the sole standard media type for JavaScript resources, and application/javascript is listed as a deprecated alias. Both work identically in all browsers, so this is purely an optional standards alignment. The single-line change ensures the code uses the current standard rather than an obsolete name.

♻️ Proposed change

-        setHeader(event, 'content-type', 'application/javascript; charset=utf-8')
+        setHeader(event, 'content-type', 'text/javascript; charset=utf-8')

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/script/src/assets.ts` at line 61, Replace the deprecated MIME type
used in the setHeader call: in the setHeader(event, 'content-type',
'application/javascript; charset=utf-8') invocation update the media type to the
current IANA standard by using 'text/javascript; charset=utf-8' so the
Content-Type header aligns with RFC 9239.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@packages/script/src/assets.ts`:
- Line 61: The response sets the JavaScript MIME type to application/javascript;
update the header in the setHeader call to use the IANA-preferred
text/javascript with charset by changing the value passed to setHeader(event,
'content-type', ...) from 'application/javascript; charset=utf-8' to
'text/javascript; charset=utf-8' so the setHeader invocation uses the
forward-compatible MIME type.
- Line 61: Replace the deprecated MIME type used in the setHeader call: in the
setHeader(event, 'content-type', 'application/javascript; charset=utf-8')
invocation update the media type to the current IANA standard by using
'text/javascript; charset=utf-8' so the Content-Type header aligns with RFC
9239.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: bd212bb1-dd33-40e3-a7ad-66c1224da4e9

📥 Commits

Reviewing files that changed from the base of the PR and between 9737739 and bddb41a.

📒 Files selected for processing (1)

• packages/script/src/assets.ts

[pkg-pr-new]

Open in StackBlitz

npm i https://pkg.pr.new/@nuxt/scripts@748

commit: bddb41a