I recently got a message from a webmaster who had no idea their website got their visitors' web browsers to run third-party Javascript from Goggle domains. This is how out of control JS has got. It's time for browser makers to make JS opt-in, so that people who serve it have to justify what it does and why users ought to let it run on their computers. Like they've done with addons, after all JS is just any uglier hack for temporarily adding code to the browser.
#MakeJavascriptOptional
@billstclair
> My apps show nothing but a “turn on JavaScript” warning without JS.
Why? This is graceless degradation for one thing. I don't see why anyone thinks they're entitled to run programs on other people's computers without opt-in consent. How about you design it to serve an HTML/CSS web page when people visit it in their web browser with JS turned off or blocked, explaining what JS allows the app to do, and asking them to please turn it on? #Pleroma needs to do that to, #Pixelfed has.
you may trust everyone on the internet to execute arbitrary code on your machine, but i find that attitude extremely foolish. javascript has sandboxing, yes, but i wouldn’t trust a sandbox that is regularly broken at a yearly event. Pwn2Own has been running for years and they’ve managed to break the web sandboxes every time.
@xj9 @billstclair @strypey Plus what with Spectre and family, it's a very bad time to put much faith into a sandbox.
Though I would say if we are going to insist on continuing to run sandboxed programs on the client, Elm would be simpler language to sandbox than JavaScript. I'm going to make that argument in detail eventually.
> JS is mature technology, with good sandboxing.
🤣 🤣 🤣 🤣 🤣
https://bugzilla.mozilla.org/show_bug.cgi?id=1487081#c16
> JS ain't going nowhere.
Yeah!
Like the divine right of #Kings!
And what about the #Pharaoh?
I'm amused (not) about the total lack of historical perspective of so many #US programmers.
Guys, if you can't see how primitive is our discipline, you'll always be a good, nice and clean #slave.
Not sure if I understood what you mean, actually. 😕
But, to be clear, I think that we should move beyond this dichotomy.
#WorseIsBetter is collapsing anyway due to the curse of #Frankenstein.
But the future won't be "the right thing".
The future will be #simplicity.
Simplex sigillum veri.
http://jehanne.io/2018/11/15/simplicity-awakes.html#the-curse-of-frankenstein