Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re: I mostly browse with JavaScript...

by Dog and Pony (Priest)
on Aug 14, 2003 at 00:05 UTC ( #283723=note: print w/ replies, xml ) Need Help??


in reply to I mostly browse with JavaScript...

I have JavaScript turned on, except for popup blocking and some other small things that Firebird allows, such as stopping scripts from faking stuff in the status bar and such. Some sites I frequent use popups for their message system which is kinda stupid, but those go in a whitelist, so no problem there.

The whole notion that javascript should be disabled by default on every site is pretty strange to me. Yes, on this very site javascript could be used to take control over someones account (as I even demonstrated hands on in some thread after a "put your money where your mouth is" challenge). But this site is a rare bird in that it allows user posted HTML and javascript pretty much unchecked, *and* it uses a login cookie that is not session based. Session based cookies aren't safe either, but sessions can be timed out.

Sites with this kind of system and especially that combination is rare however, so for almost any other place this is not an issue. Disabling it on this site might be a good idea though, if nothing else because some home nodes likes to annoy people severely because their owners has some kind of JS-hate. I don't mean the friendly warnings about the security, but rather the ones that crash browsers or popup a million windows/popups and such. Pretty silly.

I rarely use JS myself, but used right, it can really enhance a site, and in a much better way that those stupid flash sites that just makes sites hard to use. Flash is good for games and funny movies, nothing else IMO. :) Like any technology, there are good and bad uses.

As a side note, JScript (the MS version) and VBScript and all that crap has at least in the past shown to be very dangerous beasts, with severe security issues and the possibility to write a virus on a web page. Having those disabled is probably still a good idea, and I suggest doing that by not using IE. Finally, the replacements such as Firebird is actually better in all respects, not just better morally, philosophically and in some areas such as popup blocking and security. So no excuse to be on IE still. Apart from some special sites, though Firebird works nice at my bank too, and no site I've wanted to visit the last few months have required IE anymore. Happy me. :)


You have moved into a dark place.
It is pitch black. You are likely to be eaten by a grue.


Comment on Re: I mostly browse with JavaScript...
Re^2: I mostly browse with JavaScript... (disable)
by tye (Cardinal) on Aug 14, 2003 at 20:54 UTC
    The whole notion that javascript should be disabled by default on every site is pretty strange to me.

    I have JavaScript completely disabled by default. When I find a site that "doesn't work", I consider how much I trust the site and how much I suspect I'll value what the site has to offer and decide whether to forget about the site, browse their javascript to see what kind of stupid things they are doing, or just turn on javascript and try again.

    In the vast majority of cases, the javascript is extremely stupid. It warps the user interface in ways that I find annoying or even obnoxious, is often buggy, leads people to leave their servers more vulnerable (expecting the javascript to protect them). What would have been a simple, nearly trivial, clean, consistant interface w/o javascript (such as a simple link or a form with one or just a few fields) turns into something that doesn't work at all w/o javascript and works according to the quirky, inconsistant notions of the particular "web designer" and is often broken even with javascript (especially if you have a different version than the one they tested with, I presume).

    This has everything to do with the quality/character of "web designer" that produced the page. However, I find that the vast majority of sites are poorly designed when it comes to javascript, usually extremely poorly designed. (The sites that manage to succeed and become popular are usually much better. To take one example, how could Wendy's have produced such a horribly broken web site??)

    I also don't assume that javascript is totally secure. There certainly have been security holes in the past. I think such gets very little attention these days due to MicroSoft's great talent at providing ways to propogate malware. But when surfing, it is very easy to suddenly end up on the very wrong side of the web (with just a single click, usually from google). I don't care to just allow any bozo who can figure how to get listed high enough on a google search to run his code on my computer, no matter how cleverly some people think they've sandboxed the code.

    I like knowing the difference between data and code. I like having wide access to other people's data. I don't like having to run every random bozo's code in order to see their data. I felt that way long before javascript and Outlook existed. And I like the idea of letting the browser customize the interface instead of having every bozo express their individuality by changing the way their site behaves *when other people visit it*.

    Isn't it telling that an entire industry has been created for the purpose of disabling parts of javascript? I'm glad you found product(s) for that which satisfy you. On the several occasions that I've looked, I wasn't satisfied with anything I found. Note that that includes browsers that people have raved about in exactly the tones you just used. So, no, I don't run out to try a new browser every time someone tells me yet again what would be a great alternative. I make such attempts with decreasing frequency with each failure/disappointment. So I'll try again eventually, but certainly not this month.

    My bank does a decent job of using javascript to let me do on-line banking (and they still do dumb things to the user interface, but they tend to slowly improve). And I think they'd do an even better job if they used much less javascript. So I'm not saying I want to ban all javascript, just 99.8% of it. (:

                    - tye
      Isn't it telling how HTML was originally conceived with the concept in mind that the reader's user agent should decide how the marked up information should be presented? I don't mind the "webdesigner" making a (strong) suggestion at how their content is best looked at, but I find it indescribably annoying when they try to impose their views on me (the worst are sites that open in fixed-size popups with all controls hidden).

      Makeshifts last the longest.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://283723]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (4)
As of 2014-09-19 02:08 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (129 votes), past polls