(Blah blah, possibly ot, del if needed, etc etc)


I often see lots of monks here disparaging javascripts role in the sucessful webpages, citing issues such as "It's a security risk", or possibly "my browser doesn't support it". Next, i'm going to address these issues.

Security Risk:

The number one issue that most people cite when talking about Javascript as a Security Risk, is a so called cross site scripting attack, wherein (apparently), someone inserts some malicious javascript code in a server that steals a password stored in a cookie. This is a somewhat valid concern, as someone could possibly do this, but it places the blame squarely on the innocent party, in this case: Javascript. It is the Website's responsibility to validate all the data it sends to you, whether it is user entered or not, javascript, html, or even executable files or script files. Blame javascript for the fact that someone, somewhere can use it maliciously, is like blaming email because people write outlook viruses, or blaming C/C++ because people can write various worms and virii in it.

My Browser Doesn't Support it:

Get a fricking decent browser already. The odds are good that if your browser doesn't support javascript, then it doesn't support CSS, or it supports a very, very limited subset. I could ran on about this, but instead i'll simply link to a very nice article on this, namely: To Hell With Bad Browsers.

In the long run, javascript can be used in hundreds of different ways to enhance the usability of your site, and thus enhancing the over all User Experience. A few examples of these include client side form validation, news tickers all the way to DHTML menus, allowing you display a great deal of information in a small area.

Update: When I said 'client side validation' I of course meant in addition to the validation serverside, but good catch pointing that out, i see that someone could have taken it the wrong way.