(EDIT: this is the relevant quote, but worth reading the whole article)
I have to say that this article is actually quite terrible, as is the opinion that any option that might ever be confusing to a user is an option that shouldn't ship with the product. The thesis of the article is:
"Well, we have met the enemy, and he is us.* In the currently shipping version, Firefox ships with many options that will render the browser unusable to most people, right in the main settings ui."
The solutions offered? Kill it all with fire. I'm paraphrasing, of course.
Problem: People today change some feature then have a "broken" browser (basically, they forgot to turn it back to the default, or they didn't realize they changed it in the first place).
Solution: reset button, also notification to the user that "this page might not work correctly", some sort of an extension of how Chrome shows you that a popup and/or a cookie was blocked, based on your settings. Don't treat your users like idiots, just provide information that clears up certain odd states by explicitly informing them of something like:
"The webpage you are viewing may not work correctly because the following options differ from their default values:
1. Enable automatic loading of images.
These features of Firefox are essential for most webpages to run properly. If the webpage you are trying to access is behaving strangely or appears to be working incorrectly, <click here> to load the page with the default browser configuration."
Done, and done. No removing useful features from the browser, no treating users like morons, but now I have a new, useful, awesome, self-debugging feature which is user friendly, and doesn't require a pesky IT guru's assistance navigating the sea of 10 trillion options.
This was true 10 years ago. These days, every additional setting the application has is a liability. There is a growing group of people, who are scared to have conversation with their browser and make any informed decisions. They ignore such messages. Other people will change any setting they can find and then forget about it. Then they will be surprised and angry at the application that it is not working.
You are absolutely right that configurability is a sign of laziness, the opposite of hard work. But removing configurability is _not_ the sign of hard work. Hard work means addressing the interests of all parties, and Mozilla did not do that.
Assuming you're correct (which I'm not convinced you are), when you then continue, "I have a checkbox that will make it so they don't track you, but it will also break those sites. Is that ok?" They will also respond "hello no".
Right, because you can easily say that a non-user-triggered window.open() is almost always unwanted. I can't think of any other cases where it's so clear-cut and related to JS, or that disabling a particular facet of JS always would be a net win.
If you're going to claim that there's something like that, provide examples. How do you know people at Mozilla haven't already thought hard about this problem and decided there isn't much more they can do? I bet they have.
-> This overstates the case, because you'd still presumably load the 1x1 tracking png with ?resid=<X>&uid=<Y>.
> "I have a checkbox that will make it so they don't track you, but it will also break those sites. Is that ok?" They will also respond "hello no".
This overstates the case most of the time because doing this generally breaks relatively little for those domains listed, and to the extent it doesn't, making that decision on a domain-by-domain basis seems to work pretty well (ask any Noscript user)
> When you are on Google search and you click on a link it's tracked that you went to that link.
Perhaps, but Mozilla should do it anyways.
Make no mistake: advertisers believe that they have a right to know what links you click and sites you visit across the whole web, and even a right to enlist your browser to aid in informing them. And Mozilla is complicit!
(And why not? Recall who pays Mozilla’s bills.)
As far as blowing off your leg, sometimes you just really hate tennis elbow, you know?
I did read them, and I did consider them. After thinking up a reply as why you think basic client display capability querying mechanisms are inappropriate, I decided you were most likely being sarcastic.
At this point, with your reply taken into consideration, I'm confused. Feel free to elaborate.
> If ... you are doing Internet wrong
Well, my first sentence was actually asking you, since I wasn't sure.
Correct. I'm being completely serious, with the exception of the remark about exploding limbs (obviously).
JS has more features than it deserves for learning about and (critically) sharing information about the host platform. Yes, you can still learn some things as a website operator by watching what browsers load/don't load, and what they put in their requests.
Edit: I should hasten to add that there are other concerns beyond privacy, like accessibility and the fact that a web page has no bloody business deciding that I'm likely running an iPad and therefor I shouldn't have access to X or Y. This is dumb, and contrary to the idea of the open internet. It's the same thing that's wrong with this EME nonsense.
Ah, I took your position as being able to determine screen size (or have it determined automatically through CSS or some other hands-off mechanism) itself was also unneeded, not just that JS should not have this capability.
I can get behind most of what you say - as long as we are talking about simple, presentation based websites.
Where I think there's a breakdown in this view is when you consider complex web applications, including games. At that point, I believe some level of inspection capabilities are required, if we desire to have complex web apps delivered through the internet. I'm by no means sold that on-demand web delivered code is necessarily a good thing though. There's far too large a surface area to adequately secure while still making it useful, IMHO.
"These days, every additional setting the application has is a liability."
If we follow this thinking too far, we end up with a closed console like device, or Gnome 4 as parodied last April .
Surely there is a case for progressive revealing/enabling of advanced functions?
In the UK, the Blackberry phones are very popular with teenagers because of BBM. This desire to access BBM even extends to students carrying two phones, one an old blackberry handset on wifi and the other an iPhone or whatever. You will find small groups in corners at lunchtime exploring the features of the handsets. Experts will coach those who know less. If I could get that level of peer tutoring going in Maths, I'd have my OBE in the bag quite soon! Users can increase their knowledge provided the unfolding of extra features is managed.
Removing options is NOT the way to go. If anything, there should be more options, until computers understand natural language.
To be most intuitive to use, computers should converse like a human. Humans have LOTS of options, and everyone understands that. E.g. if I ask a human to make a sandwich, I can specify all the ingredients I want, how and when I want it, and so on.
Far future of course, but that is the most intuitive end goal of computers: you ask them what you want in natural language, they understand and provide it.
For now, because the above does not yet work, please provide options. Fortunately Firefox provides many options for those who need them: about:config. I find it really awesome if you can adjust an application to your needs at such fine grained level.
I think your sandwich analogy is spot on in the sense that I can also just ask a human "please make me a sandwich" without specifying anything, and (most) humans could proceed to do so without more details. There should be more options, and a good "default" mode for people who don't want to fiddle with them. To my knowledge this is why most wizards have basic configuration options and a "advanced" button to click for the detailed configuration, and I don't see why Firefox can't just have the same thing.
Because some help desk told them to. The other day chase manhattan was down with a full on 500 server fucked up. Their twitter account responded to me telling me to clear my cache and delete my cookies. Classic.
Sorry to be blunt, but it's clear you have never had to design or support a user-facing product. Anyone who has done either of these things will disagree with your base assumptions, ie. that users care about understanding their software, that they read warning texts, and that they don't mindlessly flip switches when trying to achieve unrelated goals.
That's the point that seems to be missed in the discussion: sure, let Mozilla shuffle options where they want, hopefully with some thought; but don't change the user's configuration. If you feel that it's absolutely necessary to do so, then pop up a big banner saying "We want to change your settings. May we?" To do otherwise is bordering-on-crapware-tactics rude.
> Problem: People today change some feature then have a "broken" browser
They forgot what is changed, how to return back, no reset is not a solution.
Solution: Educate users, provide "Undo" and "Redo" buttons, highlight changed controls
I am not planning on implementing that, but let's pretend I want to. When would that dialog come up?
Attempt #3: make that dialog less intrusive; do not require acknowledgment. Result: users get trained to overlook it; users who accidentally enable the mode will never figure out what happened to their browser.
Attempt #4: a whitelist of allowed scripts. Problem: users will disagree about what should make it into the whitelist.
Attempt #5: the JSBlock extension. This may have merit. So, if you want this feature, download it, or write it if it doesn't exist yet. If the API does not allow writing it, bicker Mozilla.
Understand that no dialog is necessary for such an idea to be implemented at all.
The webpage you are viewing may
not work correctly because the following
options differ from their default values:
1. Enable automatic loading of images.
These features of Firefox are essential
for most webpages to run properly. If the
webpage you are trying to access is behaving
strangely or appears to be working incorrectly,
<a href="">click here</a> to load the page
with the default browser configuration.
Also: how is that not a dialog? It presents a message to the user, and waits for a reply.
> Don't treat your users like idiots
The author of that article says: "Is it really worth having a preference panel that benefits fewer than 2% of users overall? — obvious spoiler alert: The answer is no."
The answer is yes. If 2% of users have a purpose for it, perhaps it wouldn't have been high up on the priority list to implement as a new feature, but it's already there, and removing it requires extra work. Is it really worth removing features from an application to deal with some hypothetical problem that's been posited under the assumption that most users are idiots?
If there really is a problem, it may be worthwhile to move it to an "advanced settings" panel, but removing it entirely is a terrible idea.
If users don't know the difference between Diesel and Gasoline, better option is to educate them in context (e.g. handle of fuel pump) rather than closing down all Diesel pumps.
If people don't know the difference between diesel and gasoline, is a note that says "Note: Diesel is not the same as Gasoline" going to help? Doubt it.
The assertion is that 'configuration creep' is overwhelming for the unsophisticated user in the first place, adding even more notes and explanations to all the configuration options is not going to help.
>If people don't know the difference between diesel and gasoline, is a note that says "Note: Diesel is not the same as Gasoline" going to help? Doubt it.
Really? I would think that sign would help everyone who knew how to read, bothered to read, and wanted their car to run. A sign with a simple message like that was enough to fix one national timeclock system that I worked on. "Do not do X before 12:00 Noon unless Y." in English, Spanish, and Polish.
For the people who still messed it up that we found by using heuristics on all of the punch data, we sent reports to their managers that said that they had probably done something wrong. After 3 or 4 cycles of this, the failure rate went from 15-20% to 1-2%.
Unsophisticated users remain unsophisticated users if you systematically remove configuration until the application only does one thing one way, badly.
Only if you want 9000 apps, because then it becomes a question of which of those super narrowly focused apps will work to do what you want to do. An email client that only emails your mother is a good emailing your mother client, but a bad email client. If they take away configuration for people with stepmothers or two mothers, because it's only a 5% use case, it's even a bad emailing your mother client.
If you know your car runs on gasoline, and you don't know the difference between gasoline and diesel, then you see a sign that says "diesel is not gasoline," you know that diesel is not what you're looking for - even though you still don't know the difference.
1. As the blog post has said, many web sites will fail in mysterious and unexpected ways. Some web apps may be rendered completely useless. In fact, you might as well just say goodbye to the modern web if you're gonna totally disable JS.
I wasn't aware I could set a field to SUM(..) etc from the gui... Most of the features in Excel are a bit under the covers.. and far more so than about:config... maybe the "advanced settings" tab should be a button that just takes you to about:config with a warning?
Err... I just opened up Excel (2002 since that is all I have at work), selected a cell, clicked on the SUM button (sure it uses the mathematical symbol for sum but if you hover over it, it says SUM), and then was able to click and drag (or CRTL + click for nonconsecutive cells) to select cells for the sum. This is all via the GUI. I'm not sure how this is hidden. Heck, I did this in a Japanese version of Office which I can't read.
Is this different in Office 2010 or any of the newer versions of Office? I mostly use LibreOffice and even there it has the same "all GUI" functionality.
Honestly, didn't know, I rarely use excel, but do know a lot of people who do a ton of VBA code to connect to database resources to create interactive spreadsheets.. and a lot of that is far from common, button-click functionality.
And in any case, for those that want it, it's in about:config ... I doubt anyone who should be disabling JS would be looking around for it in a config frame, and not do a quick google search. I've generally adjusted most of my settings via about:config, mostly cache related for me, but if I'm playing with js settings etc.. it's easier to keep a tab open with about:config than a modal.
While you may know a lot of people who do VBA code in Excel, that is actually far from the norm for the average corporate user. From my non-CS friends who have worked in both large and small companies, I have heard tons of horror stories of the insane spreadsheets that low-to-average users make using just the GUI functionality. Huge spreadsheets with formulas spanning tons of sheets to simulate what could be done in a simple function. These spreadsheets get huge over time as coworkers slowly add/update functionality over time. All using the GUI which makes it a cluster fuck (my friends' words) to understand.
And all of this actually is equivalent to the "uncommon" VBA coding that you hear of. I wouldn't be surprised if all of the VBA code / spreadsheets you hear about evolved from one of these massive GUI created spreadsheets. Why? Anecdote time:
Those VBA sheets tend to come into existence when a non-programmer decides to learn about macros, updates one of these sheets to be simpler (less data entry), and it actually works. One of my friends was one such employee and she ended up converting a few of the inefficient spreadsheets into a single faster (though still slow) one. Due to cutting down the amount of manual data entry and processing time, it made what used to take a few days of work into a single day of work (mostly to have the sheet run calculations). If this creation gets useful enough, it can take a life of its own in the company and eventually some manager might make it the responsibility of an "IT" guy to update the code. Usually because the original employee got promoted (or left for a better job) due to killing their performance reviews. My friend was one such employee who left and actually did this at more than 1 company leading to a pretty damn well paying job at a young age. Last she heard, her original spreadsheet was still being used and semi-maintained by IT. And this it how I believe a lot of those VBA coding projects come into existence.
My dad takes great pride in complex VBA code. Unfortunately, this can backfire. A few years ago he was brought in to help manage a particular support system for a large telecoms company here in the UK, which involved a lot of Excel donkey work. He understandably figured out a way to automate about 50% of the work of the entire system.
This meant that he freed up plenty of time for the entire team he was on. Unfortunately, this meant that they now had surplus staff, and as the newest arrival, he was the first to let go.
Yeah, incredibly backwards internal politics, but I swear it's true.
100% believe you because this was one of the concerns my friend had about sharing her work. Only management didn't go the firing route. They ended up giving the employees even more work because of their newly found free time.
What makes you say "Advanced settings" dialogs mean poorly thought out UI? I think it's a very good way to tell novice users, "don't open this panel if you don't know what you are doing". And if they still do it and something wrong happens, they'd immediately know the reason.
User has trouble with software. User says that software is "too hard to use". A usability/interaction team are tasked with making the software "easier to use" and set off to find "confusing and infrequently used" features they can kill off.
Obviously anything on the 'Advanced...' dialog makes an easy target.
Implementation isn't the only cost of features. You need to test them so they don't break. Features can be a burden for the codebase and removal can lead to many edge cases becoming unnecessary. A magnitude of features can overwhelm users, especially occasional users. They steal attention from other features that you may find more important.
And the most important point here: This feature really is broken as of today. Nobody can persuade me that they use it on their main browsers. I don't believe them.
But you don't need to disable JS altogether to prevent that, only disable replacing context menus. Unfortunately for that argument, updating to FF23 removes all of the 'advanced' JS options, not just the checkbox to disable it altogether.
The other thing Alex posted is firefox really gives you no indication of why the internet looks weird and is breaking left and right. So you can disable js or images or ssl and unless you're lucky enough to know a programmer or IT person really have no guide to undoing whatever happened.
I remember a user flat out lying about what an error box said over the phone. I asked her to read it out, she gave be what was in her head, not on the screen. I asked her to read it word-by-word, she did the same. I asked her to read it out letter-by-letter ("I've never seen that error there before, I want to get it exactly right so I can ask the programmers...") and then she actually looked at what it said.
Oh the dread that phone support brings back to me... The number of "tricks" we had to use to get users to tell us what they actually saw, and do what we actually told them, rather then what they thought they were looking at or thought they should do...
Anyone interested in psychology should do phone support for a few weeks...
I still don't understand why people do this. They get so frustrated (or defensive or something else) that they refuse to tell you what is on the screen and/or make something up.
My guess is that they dismiss error boxes too quickly, or work ahead of you and are afraid that you'll figure it out if they tell you what their error box actually says, and they'll get an F on the test and will have to go to summer school.
On the flip side, I remember playing "Windows XP: The Roleplaying Game" with AT&T support, when they wouldn't give some very simple network config information without me checking a bunch of things on Windows with IE first.
You're presuming people know what they're doing. If someone clicks a bunch of boxes and things break, they might not know what boxes they checked/unchecked, they might not know how to get back to that window again (which menu item was it again?
If you think users aren't that stupid, you're wrong, they are that stupid. If you think people should not use the Internet if they don't understand that much, then you're suggesting kicking a large chunk of the population off the Internet. If you work in IT, kicking a lot of people off the Internet is a surefire way to reduce your industry's size.
replying to myself:
one more way apple simply makes better software: safari offers a simple reset option that seems to reset all browser settings. Now, this doesn't help in the case of a user not understanding what went wrong, but I can tell someone over the phone "click on safari -> reset safari" far more easily than walking someone through deleting a firefox profile while saving bookmarks or reinstalling firefox and creating a new profile. I don't like safari as a browser, but it's to apple's credit that they offer this simple option so I tell my mother / mother-in-law to just click reset if the internet is weird.
A novice was trying to fix a broken Lisp machine by turning the power off and on. Knight, seeing what the student was doing spoke sternly – “You can not fix a machine by just power-cycling it with no understanding of what is going wrong.”
Try disabling cookies. This exactly describes the effect, except that it's not mysterious once you're used to it. If something doesn't work, I open it in Chrome (where I have cookies enabled), and it works.
In many cases, I suppose the developer doesn't know about the cookie dependency (because of a framework or some other dependency). In other cases, I guess they don't care. Rarely does the page actually tell you that cookies are required.
That is a terribly user-unfriendly design decision because it does not distinguish between failure modes. Maybe your site is broken because I am running noscript or maybe it broken because it is mis-configured or recently hacked or my ISP's proxy is black-holing things or a dozen other things that could go wrong.
The point is that it is relatively trivial for the developer to add automated checks for per-requisites and display warnings for the ones that are missing. It is a lot harder for each user to manually run down through the list of all the things that could go wrong.
Just don't make the warnings into roadblocks. Inform the user and let them decide to proceed or not.
Actually, it's possible to implement in it an unobtrusive way that makes users feel more comfortable. The huge popups usually comes from the same websites that do popover ads (that commonly end up invisible and blocking scrolling with adblock) and auto-play videos.
Most of the time it's a small bar on the top or bottom of the screen. Stop whining.
Again, blame the web designers who don't even do enough diligence how others do the same. And demands of proper, obvious labeling is one of the better tools to stop companies from putting useless crap everywhere.
I don't see this. Web is filled with advertising, new laptops are filled with crapware. Labeling didn't do nothing to stop these things. What we get from lawers on the web are idiotic terms and conditions, "I agree" buttons under the wall of text, copyright craziness with idiotic cease and desist, persecution of people publishing secrets or just snooping around. I think if lawyers kept there noses out of the web it would be much safer place.
Guessing you don't use facebook, twitter or any major webmail provider like 99.99% of the users online do. For over 99% of users this is a feature that shouldn't be visible.. for the other 0.0x% there is about:config ... I don't bitch about having to go into about:config to change my cache settings for when I am testing...
Strongly disagree. Lots of the web may not degrade gracefully, but then also lots of it does.
However, I will concede that your opinion appears to be the most commonly-held one, even among some developers. And it's probably not going to change for the better with news like this Firefox development... :-/
Simple sites won't see this as a problem, but for mildly complex sites, you'll have a matrix of "is js on ? off ? " "is css on ? off ?" "does it accept cookies?" "is this html5 thing available ?" "is there enough memory for this or that?" , and you'll add to the mix screen sizes and the availability of a keyboard or not, etc.
There's already so many moving parts, saying "this browser handles cookies, every newest features of css, html5 and everything. Except js won't run." is just a recipe for ugly user experiences.
Slightly OT, IMO blacklisting specific js (e.g facebook, twitter etc), or having browser giving an option to kill scripts that take too much time or too many resources should be healthier for the devs and the user than just turning js off on the whole site.
How are we meant to handle AJAX requests that fetch data to display on the web page that allows users to achieve the goal of their visit? Without JS enabled, that part of the page will be blank, and many modern, rich content-heavy sites now pull data from different places on the fly, it's just how it is.
Is your idea of gracefully handling this situation putting a noscript tag there saying "please enable JS"? If so, what exactly is your problem with removing the option which we only ask users to re-enable anyway?
As many others have pointed out, you can still disable JS if you really need to. It's average non-technical users who don't require that option.
I know exactly what you mean by AJAX being an accessibility nightmare, and perhaps my own recent over-indulgence in using AJAX to populate the website I made will come back to bite. Time will tell, and I'm willing to eat humble pie over it. But in my defense the client's requirement was to get that content on the page, and AJAX was the only method available to me.
> How are we meant to handle AJAX requests that fetch data to display on the web page that allows users to achieve the goal of their visit?
Make the request from your server, parse it on your server, template it on your server, and deliver the HTML result to your user.
> Without JS enabled, that part of the page will be blank, and many modern, rich content-heavy sites now pull data from different places on the fly, it's just how it is.
Perhaps the developers of these modern, rich content-heavy sites can learn how to do their jobs properly?
> Is your idea of gracefully handling this situation putting a noscript tag there saying "please enable JS"?
Sounds cool, but speaking from recent experience, the option to make the request from the server, parse it on the server, template it and deliver it was not available to me for the job I was asked to do (as a frontend developer).
Sometimes it comes down to doing it with client side AJAX, or not doing it at all.
With developers learning to do their jobs properly, sure when the luxury of time and starting a new site from scratch is on your side. And with backend developers and engineers ready to configure the ultimate content delivery mechanisms. But what of when you don't have that luxury? What then? Just decline the job? Maybe, but then someone else will come along and do the AJAX, and get paid because the content appears when the site loads every single time (provided JS is enabled ;-).
One thing that surprised me a lot recently, is I started a rewrite of my personal website using Bootstrap as a base, where the old one used jQueryUI... iirc, I included the kitchen sink in the old version.. however, the new one came in a bit heavier on the download/overhead... even with a better min/merge plan.
I can say the new version I am working on looks better, and is actually usable on a phone, just the same, I am not sure I'd like to see the UX on a bandwidth constrained mobile connection.. it's still well under 1MB total, but it seems that we should be working towards being under 100K for an initial load, and given all the targets for different browsers, and work arounds, and libraries, tools etc.. I just don't know where we are going.
We have more target browsers and size constraints than ever, and it's more complicated than ever. I don't miss the V4 browser wars (IE4/NN4) but it seems that targeting a 700px wide or 960px wide site was way easier than the rules today, mobile first or not.
A few months ago, I switched to using w3m inside emacs as my primary browser.
As for non-technical users -- they're probably not going to be opening Firefox's Preferences dialog in the first place. And if they do, they probably aren't going to start randomly checking and unchecking stuff to see what it does. That's something an adventurous geek might try, but certainly not your typical non-technical user.
If Firefox developers wanted to additionally protect the average user from this dangerous button, they could have simply stuck it in the Advanced tab of the Preferences dialog, or added a scary warning about being doubly sure that the user knows what he's doing (like they do with about:config).
"As for non-technical users -- they're probably not going to be opening Firefox's Preferences dialog in the first place. And if they do, they probably aren't going to start randomly checking and unchecking stuff to see what it does."
You would be surprised what non-geeks tend to do when they have no clue what to do.
> As for non-technical users -- they're probably not going to be opening Firefox's Preferences dialog in the first place. And if they do, they probably aren't going to start randomly checking and unchecking stuff...
You clearly haven't worked with the same non-technical users I have. It took ages to figure out that "use TLS" getting unchecked was the reason our site wouldn't load for one particular visitor.
I wholeheartedly support removing all of these check boxes.
I really haven't used it much, except as my default external HTML->Text converter (via wget + HTML::FormatText::Elinks), of which it does a good job.
Hmm, gotcha. I like elinks for it's pretty solid mouse/256color support in in terminal emulators but I haven't used it "from" other programs like emacs (just tmux). In that capacity, elinks is my primary browser for reading documentation (since I usually associate documentation with particular tmux sessions and leave it open for weeks or months on end).
w3m has image support in some terminals though, which fascinates me. I feel like I should probably investigate that some more.
I installed the w3m-img package on Ubuntu 1304, running it in xterm allows image viewing inline.
well said. The fault lies in assuming that the rest of the world works like the way we (hackers) do. The fact is that they do not. Further, many of end users actually do like some of those animations that we find shitty.
JS makes the web feel responsive and interactive. I helps keep the user engaged with you site if used in the correct manner. Removing the option that easily disables it for a majority of users if the right step. Hackers will always find a way around it.
I will say this: it confuses the hell out of daihyou, who spends a lot of time on linkedin.
One man's 'responsive and interactive' is another man's "Did it work?"
> I simply don't understand why you would want to browse the web without JS enabled
It's faster. Much faster. Every time I disable noscript to use some website (90% of the time it's video that doesn't work) I'm always astonished how much GARBAGE most website have. Totally useless stuff.
Popup boxes, annoying underlining with mouse overs, certificate verifiers, bookmarks, social network promoters, chat boxes, and helpers galore.
I suppose that stuff pays the bills? Maybe. But pages are so much faster without it.
And all for what? Someone who isn't going to make us anything near the time it will take to develop.
I'm not saying what you want is wrong. Rather, what you are asking for is to have a game written in c to be rewritten in python because you don't want to use c applications.
> But that stuff is all important for the website owner.
For the minority that do click on advertising, or do not get a instant distaste for any company displayed on advertising that are forcible pushed into ones face, I suggest using a opt-in system. Same goes for tracking, or the constant push for integrating different companies websites with ones personal social network profile.
Last, the golden days of pay-with-your-eyeballs or pay-with-your-personal-data supported services might be counting down. Sooner or later, tax officers will start consider those as transaction as any other, and thus enforce taxes on them.
It's not a question of browser support, it's a question of user choice. Do I want to allow any and all websites to run random scripts on my computer?
For some people and some sites, the answer is an obvious yes. Especially when the script is an integral part of the app or site you're visiting, such as a game or a highly interactive tool.
Sometimes though, the content should be enough. There are plenty of sites out there, like blogs, that shouldn't need js to provide their primary function. For example, I don't feel that I should need to enable client side scripting to view a 140 character tweet on the twitter site.
For some people, tracking via js is the primary concern, and in their case it makes sense to disable js whenever possible, and use offline tools for everything that needs to be interactive.
In any case, this move has a solid precedent, and as others have noted there are plenty of plugins that allow granular control over js execution.
If you disagree with me, and believe it can, I would just love to see a webpage that dumps out valuable data inside my browser. I'll visit it without any browser plugins using the same session I have been using for over a month, promise!
I spend a lot of time browsing the web each day. I spend very little time using "web apps," and the few that I do use can easily be whitelisted, since I rarely try new ones. Everything else is basically a blog, article, some other completely static source of information, or an entirely HTML forms-based interface.
This "extra functionality" is the same "extra functionality" as having a safety cage designed and implemented in a car. Sure, it's just extra functionality that most people will never ever use. Hopefully. Touch wood.
I just counted, and The Verge takes 20 seconds to show any content on my computer with a cold cache. With a warm cache, over 10 seconds. If I disable JS, it's less than 5 seconds either way. And I'm sitting in the headquarters of an ISP (I broke http://speedof.me/ but I'm getting over 150Mb/s).
Most 'non-technical users' don't have a clue about HTML, Javascipt, static features, etc. To them the internet consists of Facebook, Google and Youtube.
I read threads like this all the time: someone talks about "non-technical users" or "your grandma" or "pointy-haired bosses" or the like, and then goes to great length to discuss, in detail, the capacities or cognitive styles or knowledge base of members of these hypothetical categories.
It all seems like a bunch of arbitrary assumptions.
The "non-technical" user is real, in my experience. I worked tech support at a school where the teachers at the school would accidentally delete icons on their desktop and change every setting in the browser one day trying to print something. I've also volunteered as in-person support at Firefox events. Watching people bring in their computers full of crapware and with things modified all to hell before they finally asked for help. These people aren't dumb, they just lack the technical literacy sometimes. But they are most certainly not hypothetical.
Firefox is the most customizable browser available. It's about time they cleaned-up their Preferences panel and leave that stuff for extensions to tackle.
And while we are at it, I wish Firefox would add a search box in that Preferences panel. Its usefulness has been demonstrated in Chrome's Settings and Windows' Control Panel.
Also, Firefox rocks and I'm so happy to see it improve.
That's a very arbitrary line to draw. Some "alternative browsers" exist that wrap the IE rendering engine in a different UI (and some of those include their own firebug-like functionality), does that mean IE is more customizable than firefox (which, after all, forces you to use GTK for your UI)?
Wrapping the IE rendering engine in a different UI is a different browser, but further than that, you can also embed Gekko, Firefox's rendering engine in a custom UI.
Examples of browsers that embedded Gekko: Camino (a Firefox fork for OS X that happened in a time when Firefox wasn't as polished for OS X), Flock and K-Meleon. Google's Picassa for Linux was also using Gekko.
Only Firefox on Linux uses GTK. Even on Linux, there have been previous attempts at supporting Qt as the backend for KDE, but all failed because of the easiness with which you can make GTK look like whatever KDE theme you've got selected - not perfect, but the flaws where not enough to gather interest in further development.
This isn't to say that XUL/Gekko are perfect as their complexity was often the subject of criticism, which is why Mozilla replaced XUL completely with HTML5 in Firefox OS and will probably do so in future Firefox versions - as they are also working on Servo, a next-gen rendering engine that doesn't do XUL anymore: http://www.mozilla.org/en-US/research/projects/
>Wrapping the IE rendering engine in a different UI is a different browser, but further than that, you can also embed Gekko, Firefox's rendering engine in a custom UI.
>Examples of browsers that embedded Gekko: Camino (a Firefox fork for OS X that happened in a time when Firefox wasn't as polished for OS X), Flock and K-Meleon. Google's Picassa for Linux was also using Gekko.
True, but only goes to show my point - if firefox's extension mechanism made it so super-customizable, surely there would be no need for such browsers?
>Firefox's UI toolkit is not GTK, but rather XUL+XPCOM
Fair enough, but the point stands; when writing extensions you're restricted to using the XUL toolkit. Contrast with e.g. activex-based add-ons in Internet Explorer, where AIUI you get the standard windows API and can thus use any toolkit you like.
There are plenty of good things about firefox, but I don't think you can say it's more or less customizable than the alternatives without defining customizability in a very arbitrary way. All browsers have a succession of methods of customization, from simple userjs to custom extension formats to embedding the engine in a new executable, with the power and complexity increasing at each step. That firefox's "extensions" lie at a bit more powerful and complex point along the line than chrome's is not the basis for this blanket claim of greater customizability.
The following rant is somewhat tangential but, as a front-end developer that takes pride in progressively enhancing websites I work on, I think this is a shame for a different reason.
Progressively enhancing a website enables you to still deliver a whizz-bang, fancy-pants UI but ensure that it degrades to a sane text document when viewed in, say, lynx . And it doesn't mean doubling the development time of every feature, which I often hear cited as an argument against. Often it can involve providing a very cut-down equivalent that takes relatively little time to build.
Stop talking. Start doing instead. Employers and product owners are hiring you for your skills, so use them. Don't ask permission to follow best practice, just do. You are more than a code monkey.
Do your employers really not care if a third party outside of their control decide to do something to affect the availability of their site?
Do your employers control, audit and manage every single byte that gets delivered as part of their website? For those they don't completely and accurately manage and control, how do they absolutely ensure that every byte that needs to be delivered arrives correctly and is interpreted correctly in their users browser? How do they remove the risk of all those server hops between their web server and the customer's browser? How do they control that?
The Web cannot be controlled or managed in this way. There are simply too many factors outside of a website owners control that affect how their site is perceived by customers. Without pragmatic approaches it's either an all-or-completely-broken situation, or when a site is built properly with progressive enhancement, a slight degradation of usability that customers don't really notice - because the core experience just works.
Way too many Geeky answers here. I could understand that, after all this is Hacker News.
My bet is that there is Less then 10% of users who cares about this. And less then 5% who just cant stand to disable it in about:config instead of UI.
And if you DO have such a big concern over a missing UI features, you can always go to Opera.
One aspect of this that I haven't heard people get into very much: the idea that a lot of people have, including (probably) most developers at Mozilla and many web developers such as myself, is for the web platform to be a ubiquitous way to deploy applications.
Its amazing to me how many people don't appreciate that goal or really take it into account.
The web should be words and documents first (I think this page is worth reading http://justinjackson.ca/words.html). It's too late to say but if you want a sandboxed application platform, develop it out of the web. I still believe the plug-in was not a that bad idea, not the best idea though. At least you can disable it anytime and you have freedom of choice.
I suspect that the back button will be eliminated next. Because it collapses most web applications and "user experience".
If the web want to become a perfect application platform, all virtue of the web will be lost.
Good old web? What's that? The one with dancing baby gif? Or the old ARPANet?
Web has always been about managing documents in one way or the other. Now those documents are interactive and interesting to watch and listen.
I mean, if my old chem book had cool animations I could tinker with I'd probably be having fun with it right now. I don't understand the outcry for GOW. It's still around and you can still make those sites, but they are usually hard to read (no fancy column layout to make it easy on the eyes) and you have to be a great writer to really engage the audience.
Going back to GOW won't make bad writters instantly better. No more than returning to 8-bit graphic won't instantly make all games better.
I just want to mention that the order of operations here was that the web took the world by storm overnight and application developers said "there is a turning complete language in the standard, lets use it for programs rather than document scripting".
I really wish we had just let html be documents and made a real remote-access application framework to work along side it, rather than having your program be 2 - 3 tags of html and 5MB of js. I'd much rather be sharing a qml application than an html5 one, because the latter was ground up designed to be a full featured interactive graphical interface program.
Okay, since Opera seems to have gone the way of the dodo: Is there a browser for power users? I mean, good luck to Firefox and Chrome, but considering I rarely use flashy websites, I really would rather use something that only works with half the sites, but has the experimentation and hunger for ideas for the sake of ideas more than for the sake of market share these so sorely lack.
Why do you think Opera has gone the way of the dodo? It's an excellent browser, by far the best browser in my opinion. Furthermore, they're changing their renderer to webkit which will ensure no more Opera incompatibility. If anything, Opera just keeps getting better.
I know it's the best, I am using it was we speak and have been doing so since 2000. The last time I tried it Opera Next after the switch to blink, I couldn't install it -- so I read the comments instead, and it sounded like a gazillion of features were missing. If those get all transferred, I am happy and you can strike that comment. But if they only transfer the shiny stuff "most people need", I'd love to move on, just because all of this is sad and I don't wanna see it anymore.
Don't get me wrong, I always wished Opera mainstream success. But I think there is also something to be said for niches, and the desire to appease the existing average just because the balance book says that's the best, needs to be called out on sight. Imagine authors only writing books 98% of the people agreed with or cared about. We'd still be in caves with that attitude.
I know making tools isn't exactly the same, but it's also not totally different, IMHO. We need to aim higher than were we are. Every sports fan knows more and more complicated facts than even using all features of Opera would require. Riding a bicycle, much less driving a car, is more complicated than being aware of what option you just clicked - ffs!
If even Firefox can't help but caving in like that, I simply won't dare to hope Opera does better, until I actually see that happening.
I am sorry for ranting, this topic is a huge pet peeve of me. Like when Apple talked about how folder hierarchies are "too complicated", gah. I know I'm expecting too much of people, but I really would rather err on the side of that, than on the side of expecting too little, and then getting exactly that.
I thought Opera Next is just a beta for testing the renderer. I don't think they consider it the new version of Opera yet, as it doesn't come up as a new version. I'm sure they wouldn't be so stupid to remove all the nice new features they've recently added and that their loyal following rely on.
There was a talk (or podcast?) that discussed how cluttered with vestigial options Firefox and other browsers are. One of the examples was JS - if you turn it off entirely it makes the entire web seemingly broken. As long as the option is there for power users, this is the kind of thing that removing will probably cause less headaches for people in the long term.
A lot of the anger in this case is because Mozilla is once again removing useful functionality from Firefox for very nebulous reasons.
Even if such functionality can be restored by using about:config, or by installing extensions, it becomes a hassle.
They did this with the menu bar, and it hurt Firefox's usability. Now many of us have to waste time and effort reconfiguring it to make the menu bar reappear every time I install Firefox.
They did this with the status bar, and it hurt Firefox's usability. Now many of us have to waste time installing extensions to restore this core functionality.
Many of us are just plain getting fed up with Mozilla's bad decisions, and very justifiably so.
I'm all for change that improves usability, efficiency, and performance, for instance. I'm not for changes that obviously inhibit such things, like the changes that Mozilla has made recently.
As for the status bar, the URL popup shown when hovering over links is much less usable than the status bar. It is harder to quickly focus on, for instance. Having to remember yet another obscure keyboard shortcut for functionality that should be enable by default, like the addon bar, does not promote usability, as well.
The menu bar is not a "waste of space" because it more than pays back its cost by making a huge amount of commonly-used functionality very easily accessible. It is especially valuable because of the cross-application conventions it embodies, making it take even less effort to perform common tasks.
We shouldn't have to manually enable core functionality like menus or the status bar, for example. Such functionality should already be enabled by default when Firefox is first installed. Anyone who doesn't like the menu bar or the status bar should have the option to disable them, of course. But they should not have been disabled by default, or even removed completely.
That's because more people are actually taking the time to understand the browser, dom, markup and language itself, instead of copy/pasting some poorly written image-swapping script. (God I've seen too many of those)... JS has been capable of doing some fairly impressive app-like functionality since the late 90's. I'd say NN4/IE4 was the beginning of that ability, despite dramatically different approaches.
Today, browsers have far more in common (regarding js/dom) with each other (IE8+ too) than at any point pre-2005. And it is about damned time. I still think the likes of jQuery round out a ton of those rough edges, and it still disappoints me to see so many who hate JS because they want it to be (insert preferred language here).
JS is, and has been my favorite language for a very long time.
I hope you realize that the users of Gnome and other X11 desktops have already passed a serious level of technical literacy. In the event they haven't, it's because they're the direct family member of some techie.
I'd prefer if browsers treated the Web as less of a black box, and if they erred more toward helping users understand the world they are exploring.
This is a great idea, but should probably be simpler for the average user. Eg "You have JS off, which will break some websites. Click here to turn it on. The simple option you used in the past to toggle this has gone. Click here to find out how to toggle it now"
As a Firefox user, I feel like most of the people complaining are Chrome users just looking to pick a fight.
This is a nonissue, but continue to make it more than it is.
I'm surprised that checkbox hung around as long as it did. I imagine only maybe .001% of browser users actually really cared enough to turn that off, and if they did, they were probably already running something like NoScript since toggling it in the preferences all the time is way too blunt an instrument anyway.
This is a heavy-handed solution that could be better solved simply by adding more explanatory tooltips. Something like:
Make the primary tradeoffs clear, supply a link to a mozilla.org site with a more comprehensive explanation of what you give up and gain.
Programmers like to simplify, abstract, and modularize, but that isn't always the best strategy with language. Sometimes, even with control panel tooltips, it's better to be a little bit more verbose, take up a little more screen real estate, if it saves your users some trial-and-error time or a trip to Google.
At this point, I'm fine with disabling options if the program is sufficiently scriptable / programmable to allow someone to write a plugin to duplicate the "turn off" behavior. For browsers, we seem to be in a plugin replaces options universe. If a browser plugin cannot duplicate the behavior, then the browser needs to be changed to allow it or the option needs to stay.
Software needs to empower the user. Writing arbitrary limitations in to code to make certain functionality harder to achieve is a seriously repulsive attitude for developers to have.
The current trend in removing features from software seems like a great way to have a dire shortage of engineers in 50 years time. The attitude that "software is a magic and untouchable black box, you can only use it to do the specific thing the developer wants you to" destroys the true power of the computer as a tool, it might as well be a radio or a TV that incessantly produces other peoples ideas.
Write useful, empowering and well tested modular code. Let the user work out what crazy and wonderful ways they arrange those modules. Don't make changes that serve only to glob more functionality up in to impenetrable, monolithic black boxes.
Also: Overriding peoples existing preferences during upgrade? Nice work guys :/
Have you ever actually met any normal users? They have work they need to do, and the software is just a means to an end.
They don't want to be 'empowered' by developers, and they definitely don't want to have to deal with arranging a bunch of poorly documented modules that make no sense if you are not familiar with the underlying architecture.
Then have another checkbox, something like "enable advanced settings (warning: if you don't know anything about cars, would you really mess with your car's breaks?)", that toggles the availability of these kinds of settings. Everybody wins.
Your proselytizing reminds me of Alan Kay's idea (at least partly instantiated in Smalltalk) that there should be no fundamental difference between using a computer and programming. This is an interesting idea, but it's incredibly radical - I'm not sure even Kay realises how radical it is. As other people have said, a lot of people want to use a computer simply as a tool, to get on and do their work; that's because they have some definite "work" to do, and that work doesn't include exploring their computing system. Moving to Kay's vision would require abolishing this division of labour, right up to the fundamental division of labour between conception and execution, between means and ends. That is, to realise Kay's ideas of computer use we would have to establish a system with no distinction between work and creative activity: we would have to establish full communism.
Because people now realise that adding features is not necessarily a good thing. It adds complexity to both development and using the product. If there isn't a very good reason for it to be there, then it shouldn't be.
As a person who uses noscript every day in FF, at first I thought this was a bad idea, but the more I think about the support aspect of this, the only time I think you really should turn off JS is when you understand enough to find the advanced options.
Perhaps a move towards Eclipse-like preferences would be a wiser choice?
Oh, and I didn't post this to bash the sincere concern about discoverable options. They could disable JS, and they still can, using an extension or going through a menu which clearly states that those configurations may break the 99% of the web.
Every change is prone to break someone's workflow. But if there is a good enough alternative and if the change is better for everyone, I think that should be left alone. If there was no way to disable JS after this update, I'd be pretty mad as well. But having an option deep enough to keep away from unsuspecting eyes is only sane.
Look on the bright side. At least we'll never, ever have to hear about the Principle of Least Power again from Mozilla/HTML5 advocates lionising the "Open Web" against smartphone apps, Native Client or what have you.
And by the way, there is a tag called noscript , but it seems webdesigners that only think about demonstrating their "html5" talents dont know their basics.
But even there, I'd gladly sacrifice that feature for a standalone mapping app on my own machine, so I don't have to worry about Google spying on me whenever I decide to go somewhere!
> Why should I have to expose myself to various security and privacy problems just because some web development framework cannot keep an old version working?
Unfortunately, that's about the scope of options most organizations entertain. If there's any degradation, it tends to lack grace and is on a par with a screenreader.
So you're not OK with giving a site a fairly narrow range of sandboxed permissions, but you are OK with installing an opaque binary that can read, modify, transmit, and destroy nearly every piece of your data on your computer.
Sure. Do you personally read through every line of source? Maybe you trust the repository managers to do so, and limit yourself to only very-popular projects - do you completely trust the trust-chain that lets them submit new code? Maybe you do - remember when RubyGems.org was hacked? Or when [many sites] lost their private crypto keys? What's to stop the same thing from happening, and pushing a critical update with an exploit? Maybe you reduce the frequency you check for updates to mitigate this kind of vulnerability - oops, now you're more vulnerable to new exploits.
If you're not watching every step, every time, you're gambling the same way you're gambling with malicious code in a browser (though I'll admit it's lower frequency). Your privacy/security is in the hands of whoever is part of the chain you trust, and their security practices, completely aside from new exploits that could affect you directly. Open Source, binary, it's all the same in the end unless you're perfect in your observational skills. Sandboxing limits that trust. I'll even grant that it's technically possible to do the same thing with processes in Unix, which you could be doing - but it's hard, error-prone, and essentially nobody does it except the stragglers who haven't switched to virtualization (which is essentially sandboxing).
You're being paranoid. With perfectly justifiable reasons - everything you listed is possible, plausible, and related things have actually happened. But you're not applying the paranoia evenly.
I said: "I'd gladly sacrifice that feature for a standalone mapping app on my own machine, so I don't have to worry about Google spying on me whenever I decide to go somewhere!"
What I was trying to say was that I would prefer a standalone mapping application (ie. one that ran on my own machine and did not contact Google or any other site to work).
HN demonstrates good use of JS: AJAX voting. Forcing you to navigate to another page in order to vote is slow, annoying, and disruptive. Plenty of sites make good use of JS. For those who don't use NoScript.
Not voting is also a good way to avoid being tracked and pigeonholed.
It's true that if everybody did that, this site would be a lot less useful. However, I'm not convinced that some sort of anonymous yet secure and transparent voting system can't be implemented.
But, while voting requires enabling technolgy that will help others track and pigeonhole me, as well as make my system less secure, I'm going to avoid it.
Youtube's use of Flash and HTML 5 is 100%, completely worthless!
There are a million youtube downloading apps out there that don't require me to even use a web browser to download videos from youtube. And, after they're downloaded (or even during the download), I can use any number of (non-browser-based) video players to watch them.
Hacker News sans voting is nowhere near completely useless. I strongly suspect that a majority of people who read HN don't even have accounts (and thus are unable to vote). And even if the posts do contain broken links/images, a fair amount of text is often still available; I think a site's textual content is often its most important feature (unless it's a site specifically geared toward images/interactive content).
The "1% Rule" grew out of this idea -- the hypothesis it poses is that 89% of the users of a given internet forum are strictly lurkers. HN has a more tech-oriented population than many forums, so I bet the differences between groups are less extreme, but I also bet that the overall trend still stands.
Which is two things to me:
1. not a tragedy that can never be fixed, but usually a minor inconvenience
Taking away options from users because they don't know well enough can be kind of a self-full-filling prophecy, too. You cater to newbies, you get more and better newbies, entitled ones.
Stuff should be nice to use, of course, and shouldn't have friendly green buttons that makes it shoot knives at you etc. but it also shouldn't be less complex than it needs to be. If you have nothing left to take away you have perfection; if you still keep taking away stuff, you don't have even more perfection, you're just breaking things.
I never heard anyone complain that this option is there, or that it caused any trouble.. so what is this based on? Where are the petitions to remove this option that causes so much grief?
And why stop there? Imagine all the bad stuff you can do with the printer settings. Why are there options that allow people to waste ink, paper, or even maybe damage their printer? How many people threw away their printer, damaging the environment, because they thought it was broken... when all that happened was their cat walking over the keyboard and misconfiguring it? There might be actual kids choking on toxic fumes from those printers right now, nevermind the environment; and we worry about a website not working.
The Firefox options dialog is still kind of messy, and would be even if half of the options were removed. Take some leads from Opera :) Just taking away things doesn't automatically help, logically ordering them while also putting them in tiers of expertise does.
[By the way, all those keyboard shortcuts? They have to go, "hacker news readers" can get them back by editing an .ini setting -- the risk is just too great that someone might open the dev tools and then complain about weird rectangles on their screen, or to fail to convert because the website isn't as pretty as it could be]
You're a hacker, of course you've never heard anyone complain about the option.
Well, when people hear I'm good with computers they usually tell me all sorts of random computer troubles, but this one never popped up.
Are you sure? They seem to have data that most people don't use the option, and that seems to be all.
I also didn't get the memo that not providing a non-js fallback for normal day to day web stuff is not kind of noobish. Though I could point you to a host of articles pointing out the opposite, and they are fresher than 2002, too, and not from that usability guy with the ugly website either :P
You will find a million that work without it, and even more that could work without it if they weren't made by [insert random expletive here].
Wikipedia? Works just fine. Search? Works fine. Facebook? I don't use it anymore, but I remember when it worked fine without JS as well, minus chat and instant notifications (oh god, the horror of only hearing about a new message on a page refresh ^^). Twitter? Breaking Twitter sounds like a good plan, not like a problem. But I digress.
Sadly, my mom doesn't go clicking around in the options dialog, no matter how much I encourage her ^^ Hardly in my presence, not ever in my absence.
We have roads with cars on them. People can walk into those roads, but don't. For many reasons, but none of them a deep understanding of biology or physics. If we fenced in all roads, we would avoid some of such accidents that are still happening - but would also raise people who need the fence from then on, because they're used to "wherever I can walk, there is no danger of being run over".
And yes, this also means looking someone who lost their child who ran into the road in the eye, and saying "I'm sorry for that, but it's still worth it to not fence everything in." Are we too squeamish for that? Since when are coders so scared of user complaints based on ignorance or using the software wrong? Don't those come with the terroritory?
Most of the time, the major content of a page doesn't require it. When it does, it is usually either poor design, or good design where the design is intended to display a bunch of crap I don't want and download a hoard of tracking data.
To put it another way, when I'm surfing, Google Analytics isn't doing anything in my interest.
Which is why NoScript is great: you can load the main site functionality without having to enable Analytics. The global enable/disable JS switch is just terrible for this kind of browsing, in my opinion.
Increased software complexity and no tangible benefit. Lose-Lose.
There are a million ways to display and to drill down into options that would make the FF options less cluttered, more logical, while having even more options than it does. There are ways to inform users pretty much exhaustively via built-in tooltips and documentation -- all of this has been working great in the 90s and got better since then. Icon > Title/Tooltip > Short Description > Verbose Description, so you learn everything you "stumble over" once when you need it, and from then on just use it, with the option to refresh your knowledge anytime.
Just compare about:config in Opera and Firefox, and simply accept we're dealing with different levels of skill and taste here, not just different choices.
It depends on the type of article. I write a lot of blog posts about math. The most convenient way to do this is using Mathjax. If browsers had native support for mathematical notation then I would be inclined to agree with you, but this is not currently the case.
I'm not sure either. But I know that you can do crazy things with unicode, and I'd bet that if you treated treated unicode as a sort of low-level compile-to target you could then design a high-level language from which to write math text. I'm not sure of the practical benefit and maybe this would be even more inaccessible to people... but still, I think JS is great, but wouldn't pure HTML and encodings be even cooler?
I came here to wax rhapsodic about Reader mode too. It's my favorite web browser feature in half a decade.