directory-discuss
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

JavaScript is only a tool

From: Lorenzo L. Ancora
Subject: JavaScript is only a tool
Date: Wed, 21 Jul 2021 12:50:34 +0000
User-agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0 
As an addendum, by the way, W3C also has XForms, which I think is way
safer for form submission,[...]

The Mozilla Developer Network says:
"XForms is a convention for building Web forms and processing form data in the XML format. No major browser supports XForms any longer—we suggest using HTML5 forms instead." 

...and:
"This feature is no longer recommended. Though some browsers might still support it, it may have already been removed from the relevant web standards, may be in the process of being dropped, or may only be kept for compatibility purposes. Avoid using it, and update existing code if possible; see the compatibility table at the bottom of this page to guide your decision. Be aware that this feature may cease to work at any time."
The XForms idea is great on paper but I have the suspicion this technology is being hidden under the carpet because the transitioning costs/risks do not justify the advantages (probably they only reduce the amount of JavaScript, without managing to transform all of it in an optional dependency). I recall OpenOffice and LibreOffice do support XForms, however there is officially no compatibility with other office suites. 


I don't hate JavaScript just because “it is JavaScript”, but because the
current HTML standard defines scripting elements in a way such that they
are considered client-side autoexecuted. I could express the same hatred
for any other future scripting language that people would dearly support
in web browsers (including WebAssembly) if these were to show the same
issues in the related standards.
It's like hating a hammer because sometimes you misused it and it crushed your finger. The solution is not to look for a better hammer or to start using rocks like our ancestors, but to improve your dexterity in using the hammer. :-)
From the example I did in the previous email, you might deduce it is highly uneconomical to ask for permission to run each individual script, as well as potentially insecure due to the superficiality of the end users. Imagine the Internet like a crowded bar where people go in and out all the time and where the webmasters are the bartenders who offer products and drinks: it is in the interest of the bartender to make sure that the entrance door can be used by as many customers as possible (especially by the most ignorant ones, who will always be the majority) and at the same time make sure that the use of the door does not distract from the rest of the bar. If the door asked every single customer to type in a password or ask for confirmation in any other way before opening, then the barista's income would be negatively impacted. This is why JavaScript (and any other scripting language on the web) will always be executed without prompting the end users.
The solution will never be banishing JavaScript (impossible) but to learn how to be a better web developer by implementing fallback mechanisms where possible (in other words, educate the developers on how to implement JS as an optional dependency). 


Il 20/07/21 19:20, Adonay Felipe Nogueira via ha scritto:

Em 20-07-2021 15:36, Lorenzo L. Ancora via escreveu:

I could go into it for a long time, but these are threads that I have
been carrying on with GNU for years. If e.g. Richard (or any other
"hardcore wildebeest") has convinced you that JavaScript is evil then,
100 demonstrations will not be enough, because you made a moral and
therefore irrational choice: prejudices are strengthened in groups due
to the mutual affirmation that, unfortunately, has the ability to kill
individual rationality.


I don't hate JavaScript just because “it is JavaScript”, but because the
current HTML standard defines scripting elements in a way such that they
are considered client-side autoexecuted. I could express the same hatred
for any other future scripting language that people would dearly support
in web browsers (including WebAssembly) if these were to show the same
issues in the related standards.

As an addendum, by the way, W3C also has XForms, which I think is way
safer for form submission, and seems to allow most of the flexibility I
described here, but with only one single form, and without relying on JS.




--
All messages from/to this account should be considered private.
Messages from/to newsletters should not be reshared.
TZ: Europe/Rome (Italy - CEST).

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]