Re: Has a line been crossed by this user

I find JavaScript very useful, and the only site that has casued me problems with it is PerlMonks.

You apparently have not been around the web very long, then. Back in the bad old days before capability policies (which, incidentally, some quite popular browsers have not yet bothered to implement), the stupid JS stunts a few people around here pull on their homenodes would have seemed as nothing; back then, Javascript used to be able to easily crash your browser and/or your operating system, and with a bit more effort it could be made to do much worse things than that. I surfed with Javascript disabled for years.

These days I generally surf with Javascript enabled, but limited by capability policies, but I still occasionally find myself having to turn it off to escape the rude effects of one site or another, and it is noteworthy that Perlmonks to date has not been one of the sites that has necessitated this; stupid stunts like automatically posting a message in the chatterbox are pointless and arguably rude, but they don't cause any tangible harm.

I don't normally surf with Javascript disabled, but that's mostly because I prefer not to go through life paranoid. I don't lock my house at night either. So far I haven't been seriously hurt by either policy, but it is certainly possible that at some point I *could* be. Taking that risk is a decision that I make after weighing the relative merits of safety and convenience against probabilities.

I tend to agree with tye that Perlmonks should be responsible and filter scripts out of all user-submitted content that isn't checked by hand by the site admins. But that will only protect you from being harmed by Javascript code here on Perlmonks; if you surf the rest of the web, with Javascript enabled, it won't protect you.

Comment on Re: Has a line been crossed by this user

Replies are listed 'Best First'.
Re^2: Has a line been crossed by this user by mrborisguy (Hermit) on Jul 07, 2005 at 03:30 UTC
But that will only protect you from being harmed by Javascript code here on Perlmonks; And that's all we're asking for. I watch what websites I go to, and it's generally a select few where I don't have to worry about anything happening, and those are generally well known and well traversed sites. Perlmonks is a well known and established site; it should be the same way, in my opinion. -Bryan	[reply]
Re: Has a line been crossed by this user by jonadab (Parson) on Jul 07, 2005 at 10:21 UTC
You might occasionally be surprised what well-known and well-traversed sites will do. A few years ago (circa late 2000 or early 2001) I ran into a situation where the website for the Cartoon Network was using Javascript to change browser preferences (in particular, the home page) and to prevent the user from leaving the site, the net effect being that even after a reboot, the only way to visit any other website was to disable Javascript. The computer where I ran into this was still using IE5 at the time, and users kept going to that site, and then I'd get called down to fix it again, so what I ended up doing was using a hosts file entry to redirect that site to 10.0.13.13 or somesuch. Of course, a modern web browser won't allow such schenanighans, and the site in question stopped doing it a few weeks later anyway, but my point is that it's not safe to assume all well-known and well-traversed sites are also well-written and innocuous. Then there's the small matter of what the advertisers who buy ad space on well-known and well-traversed sites will do. If you trust doubleclick.net to run arbitrary scripts on your system, you're insane, IMO.	[reply]
Re^4: Has a line been crossed by this user by mrborisguy (Hermit) on Jul 13, 2005 at 13:13 UTC
I had never really thought about it I guess. Thanks! ++ -Bryan	[reply]