bug-gnuzilla
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-gnuzilla] Suggestion: JavaScript button


From: Julie Marchant
Subject: Re: [Bug-gnuzilla] Suggestion: JavaScript button
Date: Wed, 15 Feb 2017 16:27:22 -0500

On 02/15/2017 03:02 PM, address@hidden wrote:
> Gosh I have a headache, I'm sorry but have you ever even used NoScript?

Yes, I have, quite extensively, and I would appreciate it if you would
take the time to understand what I am actually requesting rather than
talking to me as if I was an idiot.

> NoScript blocks everything by default and then you simply allow SPECIFIC
> individual things ONLY that you want to allow as you go.

Specific individual *locations*. But that doesn't matter all that much.
What matters is that NoScript does not support allowing all scripts on
the page to execute *once*, while still refusing to run any Javascript
in *all* other contexts. That doesn't mean blocking specific scripts, or
allowing specific scripts. That means univerally blocking scripts, but
allowing all of the scripts requested by a specific *page*.

> I never have to turn on all javascript, reload, do work, turn it off,
> reload, and go crazy. NoScript blocks everything, and I simply allow
> only what I need.

You have completely misunderstood the purpose of what I am suggesting.
NoScript is an improvement if all you want is better security *and*
you're an advanced user. I want something that can be made the *default*
behavior of a browser, which both is easy to use *and* results in
JavaScript being disabled most of the time.

When talking about a *simple* mechanism for users to keep JavaScript
*entirely* off most of the time (which is *not* the same thing as
keeping *most* scripts off based on a whitelist), the only solution that
currently exists is to toggle JavaScript.

> what you are suggesting is basically a more permanent version of the 
> "temporarily allow all" button in NoScript

No, it's a less permanent and more reliable version, and also one that
doesn't cause scripts to accidentally be allowed on other pages.

> "magic button of safety"

It's not a button of "safety", it's a button of *danger*. The safety is
in *not* having that as the state of affairs unless you press it.

> push it over and over again until it gives them what they want

They would only need to push it once. You're confusing what I'm
proposing with NoScript again.

> I rather spend the effort educating newbies

Ignoring the fact that what you are implicitly proposing is impossible,
are you implying that the state of JavaScript use on the Web is
acceptable, and that all you need to do is know how to navigate it? I
completely disagree. I wrote why here:

https://onpon4.github.io/other/kill-js/

To recap, the way JavaScript is silently installed and executed on
people's browsers makes it, practically speaking, impossible to control
what they do. That is unacceptable.

What I'm suggesting here would do nothing to fix that, directly. But it
would work toward solving it by killing JavaScript, because it would
make a browser that doesn't execute JavaScript *convenient* for the
masses, and it would exert a (however small) pressure on Web developers
to stop requiring their superfluous JavaScript code.

-- 
Julie Marchant
https://onpon4.github.io

Protect your emails with GnuPG:
https://emailselfdefense.fsf.org

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]