Spring Security SAML Logout move onload script to body tag

With PR #11676 the submit of the form was moved fron body to inline script. But it was no removed on all onLoad body tags:

https://github.com/spring-projects/spring-security/blob/e4e24c6639357ebe886db593832b40f8eea29cd0/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2LogoutRequestFilter.java#L222 and https://github.com/spring-projects/spring-security/blob/e4e24c6639357ebe886db593832b40f8eea29cd0/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2RelyingPartyInitiatedLogoutSuccessHandler.java#L126 still have the onLoad on the body and also now in the inlince script section.

Is there a reason/benefit to put the script outside of the head and body tag?

Comment From: marcusdacoregio

Thanks for the report @ugrave.

Is there a reason/benefit to put the script outside of the head and body tag?

No, there isn't. It is even recommended to have the scripts inside the <head> or <body> tags, emphasis by me:

The SCRIPT element places a script within a document. This element may appear any number of times in the HEAD or BODY of an HTML document.