
Ask HN: Is there a version of HTML that bans JavaScript? - zoobab
Javascript is a privacy nightmare, and a CPU hog. We need a way to technically ban it.
======
moviuro
[https://developer.mozilla.org/en-
US/docs/Web/HTTP/CSP](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)

    
    
      Content-Security-Policy: default-src 'none';

~~~
zoobab
Not like this?:

Content-Security-Policy: script-src 'none';

~~~
moviuro
Probably yours, yes. On my own blog, I use:

    
    
      default-src 'self'; base-uri 'self'; style-src 'unsafe-inline' 'self'

------
avoidwork
[https://en.wikipedia.org/wiki/Lynx_(web_browser)](https://en.wikipedia.org/wiki/Lynx_\(web_browser\))

~~~
zoobab
I meant server side, not client side. I can also install browser plugins, but
that does not help.

