Hacker News new | comments | show | ask | jobs | submit login

Correct. I'm being completely serious, with the exception of the remark about exploding limbs (obviously).

Broad enumeration capabilities of this sort don't make sense. You don't need me to tell you why, because the moment you considered these features not existing, you immediately thought up alternatives that didn't involve running javascript, some of which require changes in the way people think about building web-pages, some of which may require changes in various specifications.

JS has more features than it deserves for learning about and (critically) sharing information about the host platform. Yes, you can still learn some things as a website operator by watching what browsers load/don't load, and what they put in their requests.

That does not mean that disabling javascript doesn't have value w/r to privacy concerns. Compare panopticlick.eff.org w/, w/o javascript enabled.

Edit: I should hasten to add that there are other concerns beyond privacy, like accessibility and the fact that a web page has no bloody business deciding that I'm likely running an iPad and therefor I shouldn't have access to X or Y. This is dumb, and contrary to the idea of the open internet. It's the same thing that's wrong with this EME nonsense.




Ah, I took your position as being able to determine screen size (or have it determined automatically through CSS or some other hands-off mechanism) itself was also unneeded, not just that JS should not have this capability.

I can get behind most of what you say - as long as we are talking about simple, presentation based websites.

Where I think there's a breakdown in this view is when you consider complex web applications, including games. At that point, I believe some level of inspection capabilities are required, if we desire to have complex web apps delivered through the internet. I'm by no means sold that on-demand web delivered code is necessarily a good thing though. There's far too large a surface area to adequately secure while still making it useful, IMHO.

-----




Applications are open for YC Summer 2016

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: