I disable JavaScript in browsers and have done so for many years, if it's hard or awkward to disable it in a specific browser then it instantly gets the flick and I substitute one that's more amenable to having its JS operation switched to 'off' mode.
Why do I bother going to this trouble when, these days, most of the web considers JavaScript 'on-mode' as the 'essential' default? Well, I've multiple reasons the first of which is useability. Whenever I have to use a browser where I am unable to disable JavaScript (i.e. on machines that I don't own or control)—I feel both frustrated and no longer in control of my browsing experience, here's a few of my reasons:
1. Speed. Fundamentally, I find that with JavaScript 'on' the browser's usability suffers enormously, its response speed drops to the point where it's damn difficult or painful to use (essentially, the browser's ergonomics have taken an unacceptable nosedive). If you've ever browsed the web without JavaScript for any length of time then you'll greatly appreciate the truly enormous increase in rendering (display) speed of web pages when JS is turned 'off'. Moreover, the browser not only renders pages much more quickly but also the rendering is much smoother—gone are the pauses and jerky page-loading operation that so often plagues JavaScript's operation.
1.1 Why users actually put up with such unacceptable response times I can only attribute to the fact that most have never used a browser with JavaScript disabled. This alone is an indictment of the web/development industry: for when websites downgrade users' browsing [useability] experiences for their own explicit benefit (and or pecuniary interest) then they are effectively exploiting users. Essentially, users do not really benefit from the use of JavaScript, but websites do, and they do so mightily!
2. Security and Privacy are so much easier to enforce when a browser's JavaScript is disabled. Right, that's a sweeping statement but it's easy to test. Using your browser's default settings and without additional add-ons or plugins (with the exception of say a JavaScript on/off toggle add-on), go to security/vulnerability-testing sites such as by Steve Gibson's, (GRC's) ShieldsUP!! or the EFF's Panopticlick, site and check your browser's privacy and security with and without JS. You'll be surprised. Moreover, many of the privacy-invading techniques used by websites to steal your personal info are killed stone-dead if JavaScript is disabled.
3. Neutering JavaScript works wonderfully as a first line of defence against ads and ad/user-tracking. Even without AdBlock or similar ad-blocking software, ads are essentially yesterday when JavaScript is disabled! Adding ad-blockers, etc. later only improves one's blocking experience. Make no mistake, JavaScript's main web function is to make it dead easy for websites, advertisers and Tech Giants to track you wherever you go across the web as well as to supply you with targeted advertising, etc.—everything else—all of JavaScript's other features are only of ancillary benefit (and prior to JS's introduction, the web had other alternatives).
Nowadays, I'm essentially out of touch with the latest ads as I never see any. …And what a truly wonderful condition that is.
4. Websites that Require JavaScript. When I encounter a website that absolutely requires JavaScript to function so conditioned are my reflexes that I find I've backed out and off it without me even having realizing it. I can wiz through dozens and dozens of news items on Hacker News and easily bypass any sites that will not function without JS. I've never needed to worry, as on the Web there's always thousands of equivalent or alternative websites that are more 'cooperative' from which to choose.
5. In very rare instances when I must visit a site that requires JavaScript to function, I've a browser add-on that has an icon on the navigation toolbar which allows me to simply toggle JS on and off whenever required. Accidentally leaving JS on is almost impossible as the icon changes from green to red when off. Similar methodologies apply on my rooted smartphone: along with the absolute prerequisite of completely removing (deleting) Google's GApps, the 3rd-party browser I use has a feature to turn JavaScript quickly off.
I'm a heavy web user and have been so for decades, I often literally peruse thousands of web pages per day without any need for JavaScript whatsoever. I only add that I feel sorry for the many thousands of you who are welded on to addictive sites where JavaScript is necessary.
Tragically, JavaScript's unfortunate arrival on the web several decades ago was the beginning of the end of the old fast web as we once knew it, and if we are to ever reclaim the web for users—claw power back from the Tech Giants like Google, Facebook et al—then we will have to begin by severely curtailing JavaScript's power.
Limiting JavaScript as outlined in the article isn't anywhere near a satisfactory solution. For starters, can you imagine the fights and disagreements over how these various, essentially arbitrary limits will be set.
Keep in mind that it is JavaScript that fuels the Tech Giants' presence on the web and thus they're the ones who are its 'true' pushers. Like drug peddlers, they've forced this horrible, unnecessary, pernicious JavaScript scripting 'kludge' onto us users so as to maximize their business models—that of maximizing their profits, and they've done so at the expense of us users. In a much more user-centric web environment, none of us users would ever need this JavaScript 'junk'.
> Essentially, users do not really benefit from the use of JavaScript, but websites do, and they do so mightily!
Bullshit. Lots of features that are essential in people's everyday use case need Javascript in the web.
> 4. Websites that Require JavaScript. When I encounter a website that absolutely requires JavaScript to function so conditioned are my reflexes that I find I've backed out and off it without me even having realizing it. I can wiz through dozens and dozens of news items on Hacker News and easily bypass any sites that will not function without JS. I've never needed to worry, as on the Web there's always thousands of equivalent or alternative websites that are more 'cooperative' from which to choose.
Good for you for who's use is just for browsing in HN. As for most people there who use it for work and personal reasons, I am glad Javascript is there to provide features that are not possible without it.
> 5. In very rare instances when I must visit a site that requires JavaScript to function, I've a browser add-on that has an icon on the navigation toolbar which allows me to simply toggle JS on and off whenever required. Accidentally leaving JS on is almost impossible as the icon changes from green to red when off. Similar methodologies apply on my rooted smartphone: along with the absolute prerequisite of completely removing (deleting) Google's GApps, the 3rd-party browser I use has a feature to turn JavaScript quickly off
Guess what language that browser add-on you are using is written in.
> In a much more user-centric web environment, none of us users would ever need this JavaScript 'junk'.
In a user-centric environment, we put people needs first. So having a language that empowers developers to put features that are useful to the user is the primary focus. If you want to create JS less websites, you STILL can do so.
I understand that Javascript has much to improve. But your hatred for it borders on the idealogical.
> Lots of features that are essential in people's everyday use case need Javascript in the web.
I also disable javascript by default. And yet none of the websites that I enable javascipt on have essential javascritpy features, but they merely don't present the content in plain html.
> empowers developers to put features that are useful to the user is the primary focus
No, there is and always was a tension between usability and developers putting up new features. If you truly focus on user experience you definitely can't empower developers to invent features, you have to constrain them and force them to follow UX guidelines.
Do you never buy anything online? Or play an online game? Or use Google maps? I can think of lots of websites that I regularly use where JavaScript is important. I agree it is best to limit it, but it definitely has lots of uses.
Unfortunately the map images in the article there no longer work because Google has decided to "deprecate" that API, but there's absolutely nothing about serving what is essentially a large tiled image that requires the capability to run arbitrary code on the client. In fact, here's a tile URL I just found that still works: http://mt1.google.com/vt/lyrs=y&x=1325&y=3143&z=13
JavaScript is like Flash: useful or even essential for some things, but far too overused these days.
Sure, map viewing definitely doesn't need JavaScript, but Google Maps definitely does. I don't see how you could reasonably implement something like Google street view without JavaScript. Even just having the different locations on the map fade in and out of view as you zoom requires JavaScript, as far as I know. Personally, I don't want to have to use a stripped down version of maps, I want to be able to go into street view and see the locations, and smoothly see more detail as I zoom in.
Perhaps a better example is video calling. Definitely can't do that without JavaScript. My point is that disabling JavaScript entirely eliminates several classes of websites. I think it is better to have reasonable limits to JavaScript than make these types of websites impossible.
Why does this functionality have to be embedded in a website? I use google earth and skype to look at maps and make video calls. I don't feel like I'm missing out.
> And yet none of the websites that I enable javascipt on have essential javascritpy features, but they merely don't present the content in plain html.
You're right, that can be a significant problem. Often what I do is to turn JS on and let the page load then turn it off again. When I encounter Smart Alec sites that try to catch people like me out by refreshing JS every few seconds, I either toggle network access to the internet off or capture the text by various other means.
I expected flak over aforementioned comment, especially so on Hacker News given that many of its readers earn their incomes from JavaScript. It's not JavaScript per se that's the main problem, rather it's the uses—the undeniable abuses—to which it has been put by many unscrupulous web players. Essentially, the abuse of users by developers and powerful websites is primarily channeled through this tool; any other equivalent mechanism would have received equal criticism from me.
(Incidentally, I note you've not seen fit to address this aspect of my earlier comment nor the significant matter of JavaScript's propensity to highly degrade the speed of webpage rendering).
> In a user-centric environment, we put people needs first. So having a language that empowers developers to put features that are useful to the user is the primary focus. If you want to create JS less websites, you STILL can do so.
By using JavaScript do you honestly believe you are actually putting people first or is this just developer/website owner rhetoric? With few exceptions, what you are saying I consider mostly fanciful. We've seen sweeping statements such as 'put people needs first' and 'the user is the primary focus' before, for decades similar lines were peddled by Microsoft until they became such a joke that it wasn't game to push them any longer (I needn't remind you that this BS came from the company that arguably did even more damage to the Web than did JavaScript).
The principle problem with JavaScript is that it has evolved into an extremely powerful tool—in fact it is now too powerful and consequentially the power it has unleashed is very lopsidedly in the hands of developers and website owners (as well as unscrupulous hackers); the only time ordinary users ever get a look-in is when programmers permit users to access web features of which the website strictly approves. Users essentially have no control over JavaScript's ability to invade their privacy etc. (without resorting third-party browser add-ons or turning off JavaScript altogether, and even that can be difficult these days, as some browsers have removed the switch that turns it off).
JavaScript has always been developed with the at-developers'-convenience philosophy in mind, this has been true ever since the days of LiveScript. This design philosophy never changed with Microsoft later involvement except to make matters very much worse with is non-standard non-cooperative approach to everything in the IT world, its JScript and latter .NET being typical examples of the problem. Now we've WebAssembly/Wasm and essentially the same rules apply, W3C may think it runs the show but it's Google, Apples, Microsoft that effectively run the show.
Had developers had users' ethics on their side, these problems could have been avoided early on. It would have been possible to separate JavaScript's multi-paradigm language/features into two separate languages. One language would only carry out essential glue-like functions (to use Andreessen's well know quip) to connect it with HTML so as to perform basic transactions with web servers etc. The other would carry out all those other nefarious tasks so reviled by people like me and users could block it at will without affecting the presentation of web pages. Naturally, nuking this script would be beneficial: trackers, etc. would be blocked and users would experience a substantial increase in speed as web pages would render much faster. (Right, I'm grossly oversimplifying these processes but I'm not discussing the intricacies of languages here).
Have you actually taken the time to survey typical pages these days? I'll bet not, for how could you honestly justify or defend them as they are? It's only possible if you're on the receiving end of those cents. (I'll demonstrate later in a separate reply with some of my own stats.).
> Bullshit. Lots of features that are essential in people's everyday use case need Javascript in the web.
In the present Web climate I agree that one does need JavaScript, especially if one's the type of person who has minimal attention span and cannot live without dissolves, pop-ups, ads, moving images and every other kind of conceivable visual distraction. Of course knowledgeable users also need sufficient cognitive faculties to enable them to dismiss away all concerns and worries they may have about them being continually monitored and their privacy violated. Tragically, many millions of other ordinary Web users are still not aware of these issues, nor are they aware of the harmful consequences.
That said, I fully accept there's a place for legitimate contextually-based animations, graphs and videos etc. to be displayed within web pages as well as the need for mechanisms to allow users to access payment systems etc. but strictly on the proviso that they are integral to the primary content of that page. Whilst these days JavaScript is often the main enabling technology that's used to deliver such content it doesn't necessarily have to be so as other ways still exist. In principle, I've no objection to using JavaScript in this context but I see no way of limiting its use to just this purpose.
I am sorry that you've missed main thrust of my argument. What many website owners and developers simply do not realize or just blatantly ignore is how truly alienating it is for text-based junkies like me to be, say, well into reading the second paragraph of a story only to have a pop-up (or worse for an overlay) to suddenly appear with the aim of having me joining a mailing list or such. …And, as we already well know, that's just the beginning of the assault on us users when we visit websites. As far as I am concerned, such behavior is just not on.
The reason why JavaScript is so on-the-nose is that it's the first-line weapon website and developers use in their assault on users' senses. As with anyone defending him or herself from attack, one's first aim is to neutralize the enemy's main weaponry; it thus makes common sense to nuke JavaScript whenever possible.
As JavaScript has become so all pervasive, and with the rise of its even more insidious WebAssembly/Wasm derivative, it's easy to envision a not-too-distant Web where both have taken over—a Web where browsers will have access to very few or even no pages at all unless JavaScript is enabled. If this ever eventuates then I foresee a need for tailor-made JavaScript engines that would modify the way JavaScripts and Wasm work. 'Modified' JavaScript engines would have features that would allow their operational parameters to be reconfigured in quite powerful ways that would enable users to claw back control from websites, and they would do so in much more sophisticated ways than say NoScript or various ad blockers do now (in fact, these engines might even run their own user-defined add-ons).
The analogy of JavaScript to addictive drugs should be comical but instead I'm starting to find this "JavaScript derangement syndrome" stuff just goddamn tiresome.
If you're not visiting websites that rely on JS, you're not using the same internet as the vast majority of people who use the internet. Good for you, I guess. Good luck looking at a map in a web browser without JS, although I'm sure you'd never sully your computer by visiting a Google website.
You can argue the same about blocking ads. Yes, not having ads and javascript is very different user experience. Very much not the same internet. But why would you want it any other way, why go back to that ad-riddled annoying slow insecure manipulative web that the vast majority apparently use?
> ' I'm sure you'd never sully your computer by visiting a Google website.'
Absolutely not, as I have no need to do so as there's so much more on the Web other then Google, Facebook and Amazon. I can't even remember my usernames let alone the passwords.
Clearly, what I do is irreverent for everyone else (and no one else would care anyway). My major concern is that those who find themselves having to use Google or Facebook essentially have no other alternatives. In this way Big Tech has has effectively monopolized the Web and I consider that completely unacceptable. So should most other people.
Certainly it would seem that most holdovers no longer have objective arguments that would tip most people off JavaScript on the cost/benefit scale. I believe it's worth considering that most of the people left with that viewpoint may have a.. psychological need to keep JavaScript off. Very strong personal preference or otherwise. And that's fine!
I get the fatigue though. At this point we are pretty far out from this being a real bottom line issue; not since most businesses even stopped requiring Javascript be disabled. We have finally arrived at the promised land; SNI, Javascript, and greenfield browsers. Rejoice!
But the whole point of JavaScript is that, instead of having to install programs, you can run them in the browser. Obviously pretty much every website can be replaced by a desktop application, but that isn't really practical for the vast majority of people, and I don't really see what problem you are solving.
> Websites that Require JavaScript. When I encounter a website that absolutely requires JavaScript to function so conditioned are my reflexes that I find I've backed out and off it without me even having realizing it. I can wiz through dozens and dozens of news items on Hacker News and easily bypass any sites that will not function without JS. I've never needed to worry, as on the Web there's always thousands of equivalent or alternative websites that are more 'cooperative' from which to choose.
One of my side-projects is a solitaire based card game that I am writing a server for in Rust and a client for in JavaScript.
If I presented visitors with js disabled the opportunity to download a native client (yes, real native not just handing you a single-executable bundle of a browser and the web app), would you download it?
a) If I provided the binaries hosted on my server, served to you over TLS?
b) If I linked you to it in Windows Store / Mac App Store / an Ubuntu PPA on launchpad.net / Google Play Store / iOS App Store / F-Droid?
c) If I told you to install the Rust tool chain via https://rustup.rs/ and to run “cargo install” plus the name of my package that would be hosted on crates.io?
d) If I linked you to the build instructions in the wiki on GitHub that would tell you how to build it from source?
Please rank these from most likely to least likely that you would be willing to do if you were interested in my solitaire game.
And also, how would I best demonstrate the value to you of my solitaire game? Embedded video (plain video tag that doesn’t require js)? Screenshots and text? A link to the video on YouTube?
> If I presented visitors with js disabled the opportunity to download a native client (yes, real native not just handing you a single-executable bundle of a browser and the web app), would you download it?
I tend to agree on all your points. But when a site I need to browse does require JS, simply "turning it on" is, in my opinion, much too lax. You really need more granularity in managing javascript than the binary enable/disable feature available on browsers: namely javascript blocking extensions (noscript, umatrix, etc...). Being able to block
3rd party javascript is invaluable, for example.
> Absolutely agree. Earlier I attempted to reply to another post wherein I covered this issue but my post was too long so it wasn't posted. FYI, here's the extract which specifically deals with this issue (mind you, it's not a practical solution yet, for as far as I know no one has yet written the code to do the job):
" <...> As JavaScript has become so all pervasive, and with the rise of its even more insidious WebAssembly/Wasm derivative, it's easy to envision a not-too-distant Web where both have taken over—a Web where browsers will have access to very few or even no pages at all unless JavaScript is enabled. If this ever eventuates then I foresee a need for tailor-made JavaScript engines that would modify the way JavaScripts and Wasm work. 'Modified' JavaScript engines would have features that would allow their operational parameters to be reconfigured in quite powerful ways that would enable users to claw back control from websites, and they would do so in much more sophisticated ways than say NoScript or various ad blockers do now (in fact, these engines might even run their own user-defined add-ons).
Users could then gain the upper hand over websites by essentially feeding back any information that would satisfy a website or trackers; depending on the circumstance data could be accurate, part-accurate, part-obfuscated, misinformation or all or part randomized and tailored for all or just specific websites [right, it needs to be very flexible]. For example, all machine and O/S parameters could be obfuscated or scrambled, misinformation supplied such as saying ads were being displayed or clicked on when neither was the case, personal information scrambled or obfuscated and trackers supplied with misleading and deceptive junk. Furthermore, the process could be fully automated to allow users a smooth and unhindered Web-viewing experience.
If you think these suggestions harsh or unfair then I should not have to remind you that this is effectively what thousands of commercial websites and especially Big Tech—Google, Facebook et al—are already doing with your personal data (remember Cambridge Analytica?). Essentially, most users don't have a clue about the extent of the personal data that's collected from them by these websites nor of its contents or how it is actually processed nor do they know to whom it's sold. Moreover, websites unfairly vie for both users' attention and personal data by using tactics which are unethical, overly-invasive, highly-obfuscated and deceptive.
Whilst many users have yet to realize it, they're already in an undeclared war with websites and developers and especially Big Tech. The power imbalance already favors large websites with large resources and ready access to considerable funding, it's comparatively easy for them to refine and escalate their invasive processes as and when is necessary. Moreover, these practices are made much easier for websites to implement by the fact that netizens have little or no effective legislation to protect them against unfair practices, as with respect to such matters governments have long gone AWOL. It's very clear the odds are heavily stacked against ordinary Web users. Thus, given these circumstances, it's not at all unreasonable to expect users to have to deploy obfuscation and deception as quite legitimate countermeasures to protect both themselves and their data. We users desperately need tools such as a modified JavaScript engine to effectively even the playing field.
If website owners consider themselves hard done by my proposals in these comments—in the sense that they would not make sufficient income if they didn't force users to accept abusive JavaScript scripts, invasive ads, privacy hacks and trackers, not to mention having to commit the unacceptable practice of dangling irresistible and addictive 'baubles, bangles and beads' in front of those who are easily distracted and or addicted—then I'd suggest that the Web would be much better off without them. Let them go broke, their absence would only be beneficial in that there would be less network congestion for everyone else after they've gone. <...>"
I agree with so much of this. I think the only real thing holding back a limited javascript world is javascript becoming a limited/disabled majority. I don't think it will happen because so many businesses rely on the interactivity and tracking that javascript gives. Try explaining to the lady down the street what disabling javascript does for her but the one website that needs to be visited requires JS can't be used and see the outcome of that. If turning off JS does not impact a user's most visited sites then it is easy to do but if not then it is a lost cause. I guess browsers enforcing limits is the next best option but it'll see push back no matter what.
I agree with you that it certainty won't happen in the current web climate. In an earlier reply I've made allowances for this - see my reply above to kirion25.
How do you value usability but then have every other website basically disabled? The net trade-off there surely isn't in the direction of usability, versus simply installing an ad blocker.
If I installed ad blockers on some publicly accessible computer, or a computer for multiple users, I think very few would complain about issues. If I disabled JS on the other hand...
> How do you value usability but then have every other website basically disabled?
Clearly, it depends on how one uses the web (i.e.: what sites one frequents). In my case well over 95% of sites I visit work without Java Script. The reason for this is I primarily visit sites that have text as their main content.
Why do I bother going to this trouble when, these days, most of the web considers JavaScript 'on-mode' as the 'essential' default? Well, I've multiple reasons the first of which is useability. Whenever I have to use a browser where I am unable to disable JavaScript (i.e. on machines that I don't own or control)—I feel both frustrated and no longer in control of my browsing experience, here's a few of my reasons:
1. Speed. Fundamentally, I find that with JavaScript 'on' the browser's usability suffers enormously, its response speed drops to the point where it's damn difficult or painful to use (essentially, the browser's ergonomics have taken an unacceptable nosedive). If you've ever browsed the web without JavaScript for any length of time then you'll greatly appreciate the truly enormous increase in rendering (display) speed of web pages when JS is turned 'off'. Moreover, the browser not only renders pages much more quickly but also the rendering is much smoother—gone are the pauses and jerky page-loading operation that so often plagues JavaScript's operation.
1.1 Why users actually put up with such unacceptable response times I can only attribute to the fact that most have never used a browser with JavaScript disabled. This alone is an indictment of the web/development industry: for when websites downgrade users' browsing [useability] experiences for their own explicit benefit (and or pecuniary interest) then they are effectively exploiting users. Essentially, users do not really benefit from the use of JavaScript, but websites do, and they do so mightily!
2. Security and Privacy are so much easier to enforce when a browser's JavaScript is disabled. Right, that's a sweeping statement but it's easy to test. Using your browser's default settings and without additional add-ons or plugins (with the exception of say a JavaScript on/off toggle add-on), go to security/vulnerability-testing sites such as by Steve Gibson's, (GRC's) ShieldsUP!! or the EFF's Panopticlick, site and check your browser's privacy and security with and without JS. You'll be surprised. Moreover, many of the privacy-invading techniques used by websites to steal your personal info are killed stone-dead if JavaScript is disabled.
3. Neutering JavaScript works wonderfully as a first line of defence against ads and ad/user-tracking. Even without AdBlock or similar ad-blocking software, ads are essentially yesterday when JavaScript is disabled! Adding ad-blockers, etc. later only improves one's blocking experience. Make no mistake, JavaScript's main web function is to make it dead easy for websites, advertisers and Tech Giants to track you wherever you go across the web as well as to supply you with targeted advertising, etc.—everything else—all of JavaScript's other features are only of ancillary benefit (and prior to JS's introduction, the web had other alternatives).
Nowadays, I'm essentially out of touch with the latest ads as I never see any. …And what a truly wonderful condition that is.
4. Websites that Require JavaScript. When I encounter a website that absolutely requires JavaScript to function so conditioned are my reflexes that I find I've backed out and off it without me even having realizing it. I can wiz through dozens and dozens of news items on Hacker News and easily bypass any sites that will not function without JS. I've never needed to worry, as on the Web there's always thousands of equivalent or alternative websites that are more 'cooperative' from which to choose.
5. In very rare instances when I must visit a site that requires JavaScript to function, I've a browser add-on that has an icon on the navigation toolbar which allows me to simply toggle JS on and off whenever required. Accidentally leaving JS on is almost impossible as the icon changes from green to red when off. Similar methodologies apply on my rooted smartphone: along with the absolute prerequisite of completely removing (deleting) Google's GApps, the 3rd-party browser I use has a feature to turn JavaScript quickly off.
I'm a heavy web user and have been so for decades, I often literally peruse thousands of web pages per day without any need for JavaScript whatsoever. I only add that I feel sorry for the many thousands of you who are welded on to addictive sites where JavaScript is necessary.
Tragically, JavaScript's unfortunate arrival on the web several decades ago was the beginning of the end of the old fast web as we once knew it, and if we are to ever reclaim the web for users—claw power back from the Tech Giants like Google, Facebook et al—then we will have to begin by severely curtailing JavaScript's power.
Limiting JavaScript as outlined in the article isn't anywhere near a satisfactory solution. For starters, can you imagine the fights and disagreements over how these various, essentially arbitrary limits will be set.
Keep in mind that it is JavaScript that fuels the Tech Giants' presence on the web and thus they're the ones who are its 'true' pushers. Like drug peddlers, they've forced this horrible, unnecessary, pernicious JavaScript scripting 'kludge' onto us users so as to maximize their business models—that of maximizing their profits, and they've done so at the expense of us users. In a much more user-centric web environment, none of us users would ever need this JavaScript 'junk'.