I haven’t been able to find this issue elsewhere: I have email obfuscation enabled. Cloudflare is adding its email obfuscation script at the end of my html document most of the time, which is fine. Occasionally (maybe 20% of the time) the script is inserted into the middle of the body (same spot every time), into one of my carousel sliders, causing it to break and actually display the script as a slide. The slider is supposed to contain images only, so obviously this is problematic. The slider contains no email references whatsoever. See image for reference.
The only solution I can think of is to write a script to detect and move cloudflare’s script, but I’m wondering if there’s a better way to control its placement.
I understand your concern and I am not quite sure either why Cloudflare would place it randomly in the middle of the document.
That being said, I’d still argue the problem here is rather with that carousel which attempts to process a script tag when it should just work with image tags.
You can certainly raise that issue with support but I should be surprised if they provided any sort of fix, especially on a short term. Technically that is perfectly valid HTML.
What I’d do is any of the following in this order
Disable email obfuscation
Fix the carousel so that it only handles applicable child elements
As you suggested, add some JavaScript which move the script tag