Comments on: One Big Reason to Limit Your Use of JavaScript http://www.velvetblues.com/web-development-blog/reason-to-limit-use-of-javascript/ Velvet Blues offers a wide variety of website-related services such as: complete websites, eCommerce, design, XHTML/CSS slicing, search engine optimization, and content management with custom or open source software such as WordPress, Joomla, and Drupal. Take a look at our portfolio and see for yourself. Thu, 29 Dec 2011 17:15:49 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: TigerStarehttp://www.velvetblues.com/web-development-blog/reason-to-limit-use-of-javascript/#comment-4497 TigerStare Fri, 14 Aug 2009 18:53:23 +0000 http://www.velvetblues.com/?p=309#comment-4497 I hardly know where to begin. So many presumptions are offered as facts, it boggles the mind.Let's talk browser security. Internet users know there's a difference between a popular browser and a secure one. Internet Explorer is popular, but FireFox is secure (as is Opera and Safari and Chrome). Security is not a javascript issue, it's a browser issue. More specifically, it's an Active-X issue! Yes, that casts a long shadow over IE.When folks decry javascript security issues, they're not castigating all browsers in general, they're bemoaning one in particular; Redmond's. They're complaining of the fact that IE is riddled with insecurities, because it is so tightly integrated into the OS. (What other browser wrongly depends on the CLSID of the tag to invoke Flash content, for example.)This will be a painfully obvious conclusion, but I'll draw it nonetheless: the less IE is used, the less impact its lack of security will have on the Internet population. One could argue there are reasons to favor IE, but security isn't one of them. The browser enjoys popularity by virtue of the fact it is ubiquitous.The article cleverly ignores foundational reasons developers implement javascript. What about frameworks? It's been a almost year since the article was authored, and javascript APIs have been around alot longer than that. JQuery, Protocol, YUI, MooTools... and the list goes on.These frameworks permit designers to design websites where the bulk of processing occurs in the client (not the server), where data validation is done in realtime, and where presentation is attractive and quick.And what about the widespread use of Content Management System (CMS) websites? Drupal, arguably one of the most popular, secure and feature-laden CMS tools available, uses javascript. Back in 2006, the JQuery API was incorporated into the Drupal core. Where were the harbingers of doom when Drupal made that decision?Finally, what further point could be made than the absurdity of eliminating AJAX in current websites? No javascript, no AJAX. The DHTML/AJAX paradigm is what enabled us all to begin shouting, "web 2.0, web 2.0!"In conclusion, there are no compelling reasons to disable javascript. It is as endemic to a page as CSS and the markup itself.There are browsers that fail at security, and thankfully there are excellent alternatives to them. If it's a matter of trust -- not knowing whether a website is safe -- than all the neutering of javascript won't fix that.But changing your browser might. I hardly know where to begin. So many presumptions are offered as facts, it boggles the mind.

Let’s talk browser security. Internet users know there’s a difference between a popular browser and a secure one. Internet Explorer is popular, but FireFox is secure (as is Opera and Safari and Chrome). Security is not a javascript issue, it’s a browser issue. More specifically, it’s an Active-X issue! Yes, that casts a long shadow over IE.

When folks decry javascript security issues, they’re not castigating all browsers in general, they’re bemoaning one in particular; Redmond’s. They’re complaining of the fact that IE is riddled with insecurities, because it is so tightly integrated into the OS. (What other browser wrongly depends on the CLSID of the tag to invoke Flash content, for example.)

This will be a painfully obvious conclusion, but I’ll draw it nonetheless: the less IE is used, the less impact its lack of security will have on the Internet population. One could argue there are reasons to favor IE, but security isn’t one of them. The browser enjoys popularity by virtue of the fact it is ubiquitous.

The article cleverly ignores foundational reasons developers implement javascript. What about frameworks? It’s been a almost year since the article was authored, and javascript APIs have been around alot longer than that. JQuery, Protocol, YUI, MooTools… and the list goes on.

These frameworks permit designers to design websites where the bulk of processing occurs in the client (not the server), where data validation is done in realtime, and where presentation is attractive and quick.

And what about the widespread use of Content Management System (CMS) websites? Drupal, arguably one of the most popular, secure and feature-laden CMS tools available, uses javascript. Back in 2006, the JQuery API was incorporated into the Drupal core. Where were the harbingers of doom when Drupal made that decision?

Finally, what further point could be made than the absurdity of eliminating AJAX in current websites? No javascript, no AJAX. The DHTML/AJAX paradigm is what enabled us all to begin shouting, “web 2.0, web 2.0!”

In conclusion, there are no compelling reasons to disable javascript. It is as endemic to a page as CSS and the markup itself.

There are browsers that fail at security, and thankfully there are excellent alternatives to them. If it’s a matter of trust — not knowing whether a website is safe — than all the neutering of javascript won’t fix that.

But changing your browser might.

]]>