
Disabled JavaScript myths - DjDarkman
http://blog.istvan-antal.ro/2010/10/disabled-javascript-myths/
======
eiji
Seems like JS is a hot topic today. Let me try to argue in favor of disabling
JS, using the very same three points. I'm one of those more strict JS disable
people, but feel free to correct me if I see things wrong.

1) Using JavaScript is insecure: Without doubt JS had security holes in the
past, and they continue to show up.

2) JavaScript is a privacy threat: This has a lot to do with what you define
as privacy. To my knowledge it is possible to track my cursor in the entire
website, while I'm on it. This is a example of what I call a privacy issue.
Some people my not care about that. Interactive parts of a website always
expose the way I interact with it. Sometimes this is fine, because the product
needs it to function.

3) JavaScript saves bandwidth: I think that not so much because of the initial
load of a webpage. JS enables a webpage to costantly query back to the server.
An example is gmail, and the notification for a new email, while you are
logged into gmail.

People should not take this too personal. If your webpage is truthfully, or
offers something I'm eager to use, I'll give it to you.

~~~
DjDarkman
> 1) Using JavaScript is insecure: Without doubt JS had security holes in the
> past, and they continue to show up.

Those are browser vulnerabilities, not JavaScript vulnerabilities, you should
have seen the same happen with PDF, these are browser bugs, they get patched.
Example: if your break malfunctions in your car, you'd get it fixed instead of
replacing your car with a bike.

> 2) JavaScript is a privacy threat: This has a lot to do...

Native applications can also do that. Here you could easily write a browser
extension to disable mouse tracking or whatever you wish, you don't get this
so easy anywhere else.

> 3) JavaScript saves bandwidth: I think that not so much because of the
> initial load of a webpage. JS enables a webpage to costantly query back to
> the server. An example is gmail, and the notification for a new email, while
> you are logged into gmail.

If you do this correctly you could mostly get away with few bytes per request.
You can't do this without JS.

------
kls
I argue this one all the time, just look at my post history. The fact is the
world moves on and this is the way of the future whether one likes it on not.
It is happening, has reached critical mass, and users are demanding the
increased usability that it provides. Further marketing and accounting
departments are crunching the numbers and finding that you spend more chasing
this small sub-set of the market. When faced with spending 25% of your budget
chasing a slower development model to support 5% of the market or to spend
that 25% adding revenue streams or increasing conversion on the 95% then it
becomes a no brainier.

