whoisgregg - 4:10 pm on Oct 18, 2012 (gmt 0)

Google may execute Javascript, but a javascript generated canonical tag is virtually guaranteed to be ignored by Google.

Remember, the purpose of the canonical tag is to specify the true location of content. Javascript injection is a significant enough security problem across the internet that Google is *incredibly* unlikely to trust a Javascript generated canonical tag.

Bottom line, it's got to be in the actual generated HTML of the page.