All guides

Can AI Crawlers Read JavaScript? Safe SEO Rules

Drowning in unreadable DMARC report XML? Paste one into our free reader for a plain-English read. Read your report.

The short answer

If your best answer only appears after JavaScript runs, some AI answer engines may never see it clearly. Googlebot documents JavaScript rendering. The other major AI-search crawlers do not give site owners the same public rendering promise.

So the safe answer is this: AI crawlers can fetch pages that use JavaScript, but you should not depend on client-side rendering for the words you want cited in AI answers. Put the main copy, headings, links, canonical tag, title, meta description, and schema in the first HTML response. Then enhance the page with JavaScript after that.

This matters because AI answers are built from crawled and indexed content. The crawlers that affect live AI-answer visibility are OAI-SearchBot for ChatGPT search, Claude-SearchBot for Claude, PerplexityBot for Perplexity, Googlebot for Google AI Overviews through the normal Search index, and Applebot for Apple Intelligence and Apple search features. If you disallow one of these in robots.txt, you remove yourself from that engine's crawl path.

Do not mix up search bots and training bots

A lot of bad advice starts by blocking every AI-looking user agent. That can hide your site from answer engines while doing little for the thing you meant to control.

  • Allow OAI-SearchBot if you want ChatGPT search answers to find and cite your pages.
  • Allow Claude-SearchBot if you want Claude search visibility.
  • Allow PerplexityBot if you want Perplexity search visibility.
  • Allow Googlebot if you want Google Search and Google AI Overviews visibility. Google does not offer a separate AI Overviews crawler opt-out.
  • Allow Applebot if you want Apple search features and Apple Intelligence surfaces to discover your content.

GPTBot, ClaudeBot, CCBot, Google-Extended, and Applebot-Extended are training or opt-out controls. Blocking them does not block live AI-search visibility by itself. Google-Extended and Applebot-Extended are robots.txt control tokens with no separate crawl user agent. Apple says Applebot-Extended does not crawl pages.

Also remember what robots.txt is. It is your site's stated policy for crawlers. It is not proof of what any bot did. Perplexity-User and Bytespider have been reported to ignore robots.txt in some contexts, so do not claim a bot obeyed or broke your rule from policy alone. Check server logs, IP verification, and the vendor docs.

What to render for AI search

Think like a crawler with a tight budget. It gets one URL, one first response, and maybe no working browser.

  • Server-render the answer text. The body should make sense with JavaScript disabled.
  • Use normal links with href attributes. Do not make key navigation depend on click handlers.
  • Return a 200 status for live pages. Avoid soft 404 pages that need scripts to show content.
  • Keep title, meta description, canonical, robots meta, and structured data in the raw HTML.
  • Do not block JS or CSS that Google needs, but do not require JS before the article exists.
  • Test the raw HTML with curl, then test the rendered page in a browser.

For a quick read on whether your pages are reachable to AI-search crawlers, use the free AI visibility checker. The goal is simple: the same answer should be visible in source HTML, in a browser, and to allowed search crawlers.

Email deliverability has the same lesson

Mailbox providers make trust decisions from boring machine-readable records and recipient behavior. If the record is missing, vague, or broken, Gmail and Outlook are more likely to filter or reject the mail.

SPF is a DNS TXT record that lists who can send mail for your domain. Keep one SPF record per domain, include every real sender, and stay under the SPF 10 DNS-lookup limit from RFC 7208. A soft fail, ~all, tells receivers to treat unknown senders as suspicious. A hard fail, -all, is stricter and can break mail if you missed a real sender.

DKIM signs messages with a private key at the sending service and a public key in DNS. Each DKIM key has a selector, so a domain can have more than one sender signing mail. DKIM helps when forwarding breaks SPF, but for DMARC it has to pass and align with the visible From domain.

DMARC ties SPF and DKIM to the From domain. A message passes DMARC when SPF or DKIM passes and aligns. Start with p=none to collect reports, then move toward p=quarantine or p=reject when your real senders pass. DMARC aggregate reports, sent to rua addresses, show who is sending as you. The free DMARC report reader can turn those XML reports into something readable.

Also check MX records, blocklists, spam complaints, bounce rates, list quality, and whether your mail has a clear unsubscribe path. A domain with good SPF, DKIM, and DMARC can still hit spam if recipients ignore it or report it. A domain with bad authentication starts behind.

If you want one pass over the DNS side, the free InboxRadar domain scorecard checks SPF, DKIM, DMARC, MX, and common drift problems.

Sources worth using

Use official specs and vendor docs when the rule affects traffic or deliverability. Blog posts age fast in both AI search and email.

FAQ

Can ChatGPT search read JavaScript?

OpenAI documents OAI-SearchBot for ChatGPT search visibility, but it does not give the same public JavaScript rendering guide that Google gives for Googlebot. Treat client-side-only content as a crawlability risk.

Does Google AI Overviews use a separate crawler?

No. Google AI Overviews ride on the normal Google Search index. If you block Googlebot, you affect Search visibility. Google-Extended is a training and product-use control, not a separate AI Overviews crawler.

Should I block GPTBot to stay out of ChatGPT answers?

No. GPTBot is for training controls. For ChatGPT search answers, the crawler that matters is OAI-SearchBot. Blocking GPTBot alone does not remove you from live ChatGPT search visibility.

What is the safest setup for a React or Next.js site?

Use server rendering or static generation for the main article content and metadata. Let client-side JavaScript handle filters, forms, charts, and other extras after the core page is already readable.

Why mention SPF, DKIM, and DMARC in a crawler article?

Inbox trust and AI crawlability both depend on machine-readable signals. Search crawlers need readable HTML and allowed bots. Mailbox providers need aligned SPF, DKIM, and DMARC before they trust your domain.

Related guides

Read your DMARC report free

Paste your DMARC aggregate report and get a plain-English read: how many messages were sent as your domain, how many failed authentication, and which servers are sending as you. Free, no login.

Open the DMARC reader