"Disable Javascript" option removed in Firefox 23(bugzilla.mozilla.org) |
"Disable Javascript" option removed in Firefox 23(bugzilla.mozilla.org) |
[x] Disable Javascript. This will break or significantly reduce the functionality of many websites, but will also prevent them from gathering marketing and other data on you. [Details](http://www.mozilla.org/javascript)
Make the primary tradeoffs clear, supply a link to a mozilla.org site with a more comprehensive explanation of what you give up and gain.
Programmers like to simplify, abstract, and modularize, but that isn't always the best strategy with language. Sometimes, even with control panel tooltips, it's better to be a little bit more verbose, take up a little more screen real estate, if it saves your users some trial-and-error time or a trip to Google.
FWIW, I don't think we should avoid educating users. Pandering to the dumbest common denominator only makes dumb things in the long run.
There are a lot of websites out there that use javascript for less than reputable purposes so not being able to disable it when you know you might run into them is insecure.
Like say using tor where having JS enabled is like asking to be tracked.
I know disabling JS is not an option on the modern web but then ship with something like noscript instead don't just leave users exposed.
This is not a feature that can just be removed it needs to be replaced instead.
Fortunately they are the 1%. For everyone else in the world, this is a welcomed change. Most people don't even know what JavaScript is.
This is a good move. Option still exists in about:config.
Every change is prone to break someone's workflow. But if there is a good enough alternative and if the change is better for everyone, I think that should be left alone. If there was no way to disable JS after this update, I'd be pretty mad as well. But having an option deep enough to keep away from unsuspecting eyes is only sane.
if the functionality of "modern" sites is the only rationale, it is simply a wrong decision by Mozilla.
Due to the names Java and JavaScript being so similar, users get confused when their technically-minded friend recommends that they disable Java in their browser. Somewhat like ham and hamster, with no prior knowledge the user has no idea that the technologies are entirely different.
I've personally had to help a number of people out who have mistakenly disabled JavaScript. That was the impression I got.
The current trend in removing features from software seems like a great way to have a dire shortage of engineers in 50 years time. The attitude that "software is a magic and untouchable black box, you can only use it to do the specific thing the developer wants you to" destroys the true power of the computer as a tool, it might as well be a radio or a TV that incessantly produces other peoples ideas.
Write useful, empowering and well tested modular code. Let the user work out what crazy and wonderful ways they arrange those modules. Don't make changes that serve only to glob more functionality up in to impenetrable, monolithic black boxes. </proselytizing>
Also: Overriding peoples existing preferences during upgrade? Nice work guys :/
They don't want to be 'empowered' by developers, and they definitely don't want to have to deal with arranging a bunch of poorly documented modules that make no sense if you are not familiar with the underlying architecture.
Evidently the firefox developers do not think there is a very good reason for disabling javascript to be in the general options, so they removed it.
http://www.amazon.com/The-Paradox-Choice-More-Less/dp/006000...
As a person who uses noscript every day in FF, at first I thought this was a bad idea, but the more I think about the support aspect of this, the only time I think you really should turn off JS is when you understand enough to find the advanced options.
I hate javascript with a fiery passion. But I'm sensitive to (possibly real) arguments that people are accidentally disabling it because they start clicking random stuff in the 'content' tab of preferences. So move it to 'advanced' and call it a day.
So many pages are totally broken without javascript. You dont need javascript to have a good layout, a complexe menu or display images. Yet some "professional" sites dont even work without javascript on, All you see is a blank page.
And by the way, there is a tag called noscript , but it seems webdesigners that only think about demonstrating their "html5" talents dont know their basics.
Javascript is the new flash. Stupid cheesy animations , heavy pages , memory leaks that kill your browser, javascript intros that you cant skip ,broken parallax scrolling , slow scrollbars so it feels like you are on ipad , it will be worse than flash when designers start abusing Adobe Edge on all their websites.
So long firefox...
Honestly, the only website that I can think of where using Javascript actually does something useful that I'd have a hard time doing better on a standalone app on my own machine is Google Maps, where it's nice to be able to scroll around by dragging the map with the mouse.
But even there, I'd gladly sacrifice that feature for a standalone mapping app on my own machine, so I don't have to worry about Google spying on me whenever I decide to go somewhere!
Geez. The web has become a gigantic spyware advertising network, and Javascript, Flash, and related garbage are some of the main enablers of it.
</rant>
HN demonstrates good use of JS: AJAX voting. Forcing you to navigate to another page in order to vote is slow, annoying, and disruptive. Plenty of sites make good use of JS. For those who don't use NoScript.
Why would you use the global JavaScript disabler when there are much better options?
When CSS is switched off content is still readable.
And dont worry , people will turn off javascript more and more like they turned off flash because of all the stupid stunts developpers pull.
Most of the pages I visit function without Javascript. The most of sites where it doesn't that I know of are *.blogspot sites managed by Google.
It sounds like a classic noobie mistake... "Why are users able to turn off Javascript?" "No idea." "Remove the feature!"
If anyone says Javascript is not optional, they are trying to sell you something: probably web apps!
2002-2013
Unfortunately, it very much is. Nearly every website on the internet is completely useless without JavaScript.
I visited a large number of links from the HN front page, and many of them had broken navigation or images. You can't actually vote on HN itself either.
The "1% Rule"[0] grew out of this idea -- the hypothesis it poses is that 89% of the users of a given internet forum are strictly lurkers. HN has a more tech-oriented population than many forums, so I bet the differences between groups are less extreme, but I also bet that the overall trend still stands.
[0]: http://en.wikipedia.org/wiki/1%25_rule_(Internet_culture)
Agreed. However, the web consists of far more than just "articles", and quite a bit of content legitimately uses JavaScript for required functionality. Disabling it needs to have the kinds of huge "this will break things" warnings associated with installing an extension like NoScript; it shouldn't have a checkbox in Firefox's preferences.
Most of the time, the major content of a page doesn't require it. When it does, it is usually either poor design, or good design where the design is intended to display a bunch of crap I don't want and download a hoard of tracking data.
To put it another way, when I'm surfing, Google Analytics isn't doing anything in my interest.
The fact is that most web sites use JavaScript _and_ CSS in a user-hostile manner. CSS is used to draw the eye towards advertising or other content on the site, with the hope of distracting me from what I came to read. Many sites even use CSS to create a faux-popup overlay "window" that has to be dismissed before the content can be viewed.
And of course, the vast majority of JavaScript is aimed at analytics, tracking cookies, advertisements, and other code that, as a user, I'd really rather not execute.
My ideal solution is something like ClickToPlugin, where a site can request JavaScript, and I can choose to grant it or not. Mozilla's decision is disappointing, because they are working in the interest of web publishers instead of web users.
Click to play on plugins is great, Firefox should also have it builtin (as Chrome does).
I said: "I'd gladly sacrifice that feature for a standalone mapping app on my own machine, so I don't have to worry about Google spying on me whenever I decide to go somewhere!"
What I was trying to say was that I would prefer a standalone mapping application (ie. one that ran on my own machine and did not contact Google or any other site to work).
It just so happens that since I do not have such a standalone mapping application, I do resort to using Google Maps. And when I do, they do happen to have an actual useful use for Javascript, which is to allow the user to scroll the map with the mouse. But I'd gladly sacrifice that feature for a standalone (ie. not browser-based) mapping application that does not phone home to some spyware company like Google in order to work.
> It just so happens that since I do not have such a standalone mapping application
feel free to try my open source graphhopper project btw ;)
Not voting is also a good way to avoid being tracked and pigeonholed.
It's true that if everybody did that, this site would be a lot less useful. However, I'm not convinced that some sort of anonymous yet secure and transparent voting system can't be implemented.
But, while voting requires enabling technolgy that will help others track and pigeonhole me, as well as make my system less secure, I'm going to avoid it.
Fortunately, HN is still readable without Javascript (even though it annoyingly doesn't indent threaded comments properly without it -- something that Slashdot manages to do just fine without requiring JS).
You know, there is a solution: the noscript tag. You know, the tag that lets you retain some level of functionality for people who do not have Javascript enabled.
Why should I have to expose myself to various security and privacy problems just because some web development framework cannot keep an old version working? There are a lot of reasons why someone might not have Javascript enabled, and they should not be shut off from large parts of the web. Should vision-impaired users who use TTS systems be shut off because your framework of choice thought that Javascript should be used to replace functionality that is built into the browser?
Moreover these days, developers don't develop for 100% of use cases. they start with implementation of say 80-85% of use cases. Folks not wanting to use javascript never come into that category, which means that noscript approach is almost never taken except may be in the case that the web application developed is targeted at that user category.
Lastly I would suggest this simple solution (http://someonewhocares.org/hosts/) to block all those pesky ads and pop-ups.
For a lot of sites and everything else coming up there is no old version. It's a Javascript app. Noscript could at best display an error, but if you're browsing around without Javascript you probably know enough that the error is on your end.
Unfortunately, that's about the scope of options most organizations entertain. If there's any degradation, it tends to lack grace and is on a par with a screenreader.
While I "like" javascript (OK, I like dynamic sites), if my machine seems slow, a cursory look at my running process will show a chrome or safari process that is inevitably getting dry humped by a page using js for a carousel or something equally banal.
You have heard of open source software that doesn't need a browser to run, haven't you?
If you're not watching every step, every time, you're gambling the same way you're gambling with malicious code in a browser (though I'll admit it's lower frequency). Your privacy/security is in the hands of whoever is part of the chain you trust, and their security practices, completely aside from new exploits that could affect you directly. Open Source, binary, it's all the same in the end unless you're perfect in your observational skills. Sandboxing limits that trust. I'll even grant that it's technically possible to do the same thing with processes in Unix, which you could be doing - but it's hard, error-prone, and essentially nobody does it except the stragglers who haven't switched to virtualization (which is essentially sandboxing).
You're being paranoid. With perfectly justifiable reasons - everything you listed is possible, plausible, and related things have actually happened. But you're not applying the paranoia evenly.
There are a million youtube downloading apps out there that don't require me to even use a web browser to download videos from youtube. And, after they're downloaded (or even during the download), I can use any number of (non-browser-based) video players to watch them.
Youtube could make it even easier to download their videos by simply providing a direct link to the video in mp4 format. No Javascript, Flash, or HTML 5 required!
Food for thought: http://shapecatcher.com/ 🍏
Taking away options from users because they don't know well enough can be kind of a self-full-filling prophecy, too. You cater to newbies, you get more and better newbies, entitled ones.
Stuff should be nice to use, of course, and shouldn't have friendly green buttons that makes it shoot knives at you etc. but it also shouldn't be less complex than it needs to be. If you have nothing left to take away you have perfection; if you still keep taking away stuff, you don't have even more perfection, you're just breaking things.
I never heard anyone complain that this option is there, or that it caused any trouble.. so what is this based on? Where are the petitions to remove this option that causes so much grief?
And why stop there? Imagine all the bad stuff you can do with the printer settings. Why are there options that allow people to waste ink, paper, or even maybe damage their printer? How many people threw away their printer, damaging the environment, because they thought it was broken... when all that happened was their cat walking over the keyboard and misconfiguring it? There might be actual kids choking on toxic fumes from those printers right now, nevermind the environment; and we worry about a website not working.
The Firefox options dialog is still kind of messy, and would be even if half of the options were removed. Take some leads from Opera :) Just taking away things doesn't automatically help, logically ordering them while also putting them in tiers of expertise does.
[By the way, all those keyboard shortcuts? They have to go, "hacker news readers" can get them back by editing an .ini setting -- the risk is just too great that someone might open the dev tools and then complain about weird rectangles on their screen, or to fail to convert because the website isn't as pretty as it could be]
Increased software complexity and no tangible benefit. Lose-Lose.
http://www.nngroup.com/articles/how-users-read-on-the-web/ http://uxmyths.com/post/647473628/myth-people-read-on-the-we... http://www.codinghorror.com/blog/2009/10/treating-user-myopi...
Well, when people hear I'm good with computers they usually tell me all sorts of random computer troubles, but this one never popped up.
they probably have data that shows that a significant number of support emails show that disabling javascript was the root core of the problem
Are you sure? They seem to have data that most people don't use the option, and that seems to be all.
Besides, anyone who runs javascript disabled in a modern browser are either developers, or tin-foil hat wearers.
Or people who don't like staring at a white screen for several seconds because some ad scripts absolutely has to be loaded first, when they can have the exact same content, instantly, when browsing without Javascript. DSL still exists, you know. And it helps with noticing weight and skill differences where cable users might see none.
I also didn't get the memo that not providing a non-js fallback for normal day to day web stuff is not kind of noobish. Though I could point you to a host of articles pointing out the opposite, and they are fresher than 2002, too, and not from that usability guy with the ugly website either :P
I think it's nearly impossible to find a webpage without a single reference to a javascript file these days.
You will find a million that work without it, and even more that could work without it if they weren't made by [insert random expletive here].
Wikipedia? Works just fine. Search? Works fine. Facebook? I don't use it anymore, but I remember when it worked fine without JS as well, minus chat and instant notifications (oh god, the horror of only hearing about a new message on a page refresh ^^). Twitter? Breaking Twitter sounds like a good plan, not like a problem. But I digress.
Sadly, my mom doesn't go clicking around in the options dialog, no matter how much I encourage her ^^ Hardly in my presence, not ever in my absence.
But even if it was otherwise; explaining that "this needs to stay on or many websites won't properly function" while pointing out the options she might want to change, would be enough? I mean, you don't even have to understand Javascript to code in it, much less to be aware of the toggle... ?
We have roads with cars on them. People can walk into those roads, but don't. For many reasons, but none of them a deep understanding of biology or physics. If we fenced in all roads, we would avoid some of such accidents that are still happening - but would also raise people who need the fence from then on, because they're used to "wherever I can walk, there is no danger of being run over".
And yes, this also means looking someone who lost their child who ran into the road in the eye, and saying "I'm sorry for that, but it's still worth it to not fence everything in." Are we too squeamish for that? Since when are coders so scared of user complaints based on ignorance or using the software wrong? Don't those come with the terroritory?
If that is true, then point me to all those complaints.
There is no legitimate reason your average user should have access to this checkbox.
That's called kicking away the ladder, and fuck that with a rusty chainsaw. How are people supposed to even get curious about what Javascript is, when they never hear of it?
There are a million ways to display and to drill down into options that would make the FF options less cluttered, more logical, while having even more options than it does. There are ways to inform users pretty much exhaustively via built-in tooltips and documentation -- all of this has been working great in the 90s and got better since then. Icon > Title/Tooltip > Short Description > Verbose Description, so you learn everything you "stumble over" once when you need it, and from then on just use it, with the option to refresh your knowledge anytime.
Just compare about:config in Opera and Firefox, and simply accept we're dealing with different levels of skill and taste here, not just different choices.
Most sites these days that aren’t just displaying content will fail in interesting & mysterious ways if you don’t have JavaScript enabled. For the general population, Firefox will appear broken.
And yes, I know that some people have reasons (privacy, web development) to turn off JavaScript. There are many add-ons that can help with this — but it’s not something that we should ship to hundreds of millions of users.
(EDIT: this is the relevant quote, but worth reading the whole article)
"Well, we have met the enemy, and he is us.* In the currently shipping version, Firefox ships with many options that will render the browser unusable to most people, right in the main settings ui."
The solutions offered? Kill it all with fire. I'm paraphrasing, of course.
Problem: People today change some feature then have a "broken" browser (basically, they forgot to turn it back to the default, or they didn't realize they changed it in the first place).
Solution: reset button, also notification to the user that "this page might not work correctly", some sort of an extension of how Chrome shows you that a popup and/or a cookie was blocked, based on your settings. Don't treat your users like idiots, just provide information that clears up certain odd states by explicitly informing them of something like:
"The webpage you are viewing may not work correctly because the following options differ from their default values:
1. Enable automatic loading of images. 2. Enable JavaScript.
These features of Firefox are essential for most webpages to run properly. If the webpage you are trying to access is behaving strangely or appears to be working incorrectly, <click here> to load the page with the default browser configuration."
Done, and done. No removing useful features from the browser, no treating users like morons, but now I have a new, useful, awesome, self-debugging feature which is user friendly, and doesn't require a pesky IT guru's assistance navigating the sea of 10 trillion options.
My experience shows that the more options an application has, the lazier the author was. What do you do as a software developer when there are two ways how to solve a problem? Ask the user which way to use? That is the wrong approach these days. The computer should not ask the user stupid questions. "Do you want to enable JavaScript?" is a stupid question for more than 98% of browser users. Instead of asking questions, software developers should invest the work to come with answers and "read the user's mind". Successful apps can do just that.
Though most casual users I know avoid GUI configuration all the same, so I don't really see the issue here.
you assume that users actually read dialogs presented by the software. This is unfortunately not a correct assumption.
Attempt #1: show that dialog as soon as a page tries to load some JavaScript. Result (I'm guessing): dialog shows up on 99.9% of all web pages one visits (even for the nerdiest of nerds)
Attempt #2: silently download the JavaScript to figure out whether it is 'benign' or 'evil'. Result: users complain that they pay for downloading stuff they do not want.
Attempt #3: make that dialog less intrusive; do not require acknowledgment. Result: users get trained to overlook it; users who accidentally enable the mode will never figure out what happened to their browser.
Attempt #4: a whitelist of allowed scripts. Problem: users will disagree about what should make it into the whitelist.
Attempt #5: the JSBlock extension. This may have merit. So, if you want this feature, download it, or write it if it doesn't exist yet. If the API does not allow writing it, bicker Mozilla.
The author of that article says: "Is it really worth having a preference panel that benefits fewer than 2% of users overall? — obvious spoiler alert: The answer is no."
The answer is yes. If 2% of users have a purpose for it, perhaps it wouldn't have been high up on the priority list to implement as a new feature, but it's already there, and removing it requires extra work. Is it really worth removing features from an application to deal with some hypothetical problem that's been posited under the assumption that most users are idiots?
If there really is a problem, it may be worthwhile to move it to an "advanced settings" panel, but removing it entirely is a terrible idea.
It's worth noting that Chrome - a browser that's far less configurable and customizable than Firefox, overall - not only offers the ability to disable JavaScript globally, but has it as an option in the domain-specific permissions menu.
I really have no idea how common this is, but have seen it once, from a user that's technically savy enough to be diging in options and worried about security, but not savy enough to know the difference between Java and Javascript.
Disabling JavaScript has a few MAJOR disadvantages to proper web usage:
1. As the blog post has said, many web sites will fail in mysterious and unexpected ways. Some web apps may be rendered completely useless. In fact, you might as well just say goodbye to the modern web if you're gonna totally disable JS.
2. Since it's a "blanket fix", disabling JavaScript is a silly way to protect yourself from data miners. Instead, why not use an extension that has been proven to work, is actually available cross-browser, and gives you MUCH finer-grained control over what is displayed?
3. Since JavaScript is not the only thing that could potentially fuck up your web experience, disabling JavaScript doesn't even fix every problem related to privacy! You'd really have to disable JS, disable all plugins (Flash, Silverlight, Java, etc.), and pretty much block yourself out from a lot of the modern web just to be truly secure. At that point, you're really isolating yourself from a lot of the web's rich media, and doing so in spite of the plethora of tools available to combat the stealth data mining practices that these companies use.
Use AdBlock. Use Web Of Trust (WOT). Use Ghostery. At least know when sites are tracking you, and disable those tracking bugs when you see them. You don't need to turn off JavaScript and isolate yourself from an entire ecosystem of awesome, just to maintain control over what data you're sending out about yourself. The idea of turning off JavaScript has always been a silly concept to me, and I felt was simply there to please the more paranoid of us. But there has to be a time to face reality: It just doesn't work.
Is this not the equivalent of 'about:config'? In reality it is the advanced settings panel, just without the pretty dialog to go with it.
Rather than demonstrating careful attention to what features are useful and important enough to ship, they become dumping grounds for "something someone asked for once".
I'd like to see the evidence as well. Perhaps there are dozens of bug reports coming in every week that can be traced back to disabled javascript.
They did leave it as an option in about:config though so at least it can still be disabled via javascript.enabled=false
And the most important point here: This feature really is broken as of today. Nobody can persuade me that they use it on their main browsers. I don't believe them.
Of course not. Mozilla's agenda is determined by its main sponsor, Google, which has a vital interest for JS to be enabled. Any spin on this being somehow "for the user" is bullshit.
In many cases, I suppose the developer doesn't know about the cookie dependency (because of a framework or some other dependency). In other cases, I guess they don't care. Rarely does the page actually tell you that cookies are required.
Limi's blog post "Checkboxes that kill your product" is cited in the bug as a good explanation of the motivation behind this: http://limi.net/checkboxes-that-kill/
The option has been added to the DevTools for developers who find it useful: https://bugzilla.mozilla.org/show_bug.cgi?id=864249
And of course addons like NoScript or js-switch are available if you still want this in your UI: https://addons.mozilla.org/en-us/firefox/addon/noscript/ and https://addons.mozilla.org/en-us/firefox/addon/js-switch/
w3m is not capable of handling Javascript at all. And you know what, for 90% of the websites I visit, it doesn't matter. They function fine and look fine without Javascript. And if w3m could manage to make most websites look fine without Javascript, so could Firefox -- if its developers cared.
As for non-technical users -- they're probably not going to be opening Firefox's Preferences dialog in the first place. And if they do, they probably aren't going to start randomly checking and unchecking stuff to see what it does. That's something an adventurous geek might try, but certainly not your typical non-technical user.
If Firefox developers wanted to additionally protect the average user from this dangerous button, they could have simply stuck it in the Advanced tab of the Preferences dialog, or added a scary warning about being doubly sure that the user knows what he's doing (like they do with about:config).
That said, I'm happy to use NoScript for this functionality anyway, as it's far more flexible than a blanket "turn off Javascript everywhere with no exceptions" button.
Plus, apart from security concerns which can be dealt with other ways, JavaScript engines are now capable of running multiple web apps in many tabs simultaneously without being noticed. Wasn't performance one of the primary reasons for having this option back in the day? Now its not an issue. Going forward we might not see a disable js button and think it just as normal as not seeing an option to disable CSS or even html. It's kind of a non-optional piece of the web now.
Hardly. The number of people who chose to disable JavaScript is utterly dwarfed by the factors that get in the way of JavaScript successfully executing on the page.
Very simply: A browser can not execute JavaScript it hasn't received: http://isolani.co.uk/blog/javascript/DisablingJavaScriptAski...
You are reliant on factors outside of your control. For example, a well-intentioned DNS Blacklist took down loads of Fortune 500 companies: http://www.theregister.co.uk/2012/01/05/google_opendns_clash...
I will, however, miss the "Advanced" button next to the "Enable JavaScript" checkbox (if that button is going to go away, too, which the article isn't clear about). I use those Advanced options all the time to prevent websites from messing with my neatly tiled windows and trying to prevent me from using the right mouse button. Here in South Korea, the majority of blogs and forums have right-click protection enabled (and refuse to display any content if you disable Javascript altogether) due to ridiculous defaults in popular platforms, and every other website feels like they have the right to go full-screen. Firefox is the only thing that makes this stupid trend bearable. I guess I'll have to go and check whether NoScript has a similar option.
At least for the moment, the dom.disable_window_move_resize and dom.event.contextmenu.enabled preferences still exist in about:config, though.
Want your Firefox to behave like a 1990s browser with one window per website? You can configure that.
I think this line says it all.
Non-technical user don't even know what HTML is, the concept they'd ever "grasp of the differences between static HTML and programatically manipulated HTML"? Do these people live in the real world?
JS makes the web feel responsive and interactive. I helps keep the user engaged with you site if used in the correct manner. Removing the option that easily disables it for a majority of users if the right step. Hackers will always find a way around it.
One man's 'responsive and interactive' is another man's "Did it work?"
I'm not going to make a value judgement on this bit. If snappy, responsive, and interactive are priorities, they should be handled in a way that doesn't involve opening the gates of hell and letting Javascript out. If the standards don't provide a clean way to do that that ensures accessibility and that pages don't discriminate against programmatic displays, then they damned well should so that we can exercise the hellspawn that is Javascript once and for bloody all.
I simply don't understand why you would want to browse the web without JS enabled and the average user definitely would never turn it off except in error, causing them to think the browser is broken.
Every single common-use browser on the Internet supports Javascript, there is no reason to assume it is not there as a developer.
Most 'non-technical users' don't have a clue about HTML, Javascipt, static features, etc. To them the internet consists of Facebook, Google and Youtube.
Arguably users who want to disable Javascript could be classified as 'technical', at least enough to be able to Google either a) how to do it from within Firefox, or b) install a plugin such as NoScript to do it for them.
I can imagine most web developers who freelance have dealt with a complaint from a client who had mistakenly turned off JavaScript, at least once.
I personally never disabled Javascript from the Preferences panel because I never find anything in that panel. To disable Javascript, I use the Web Developer toolbar, which is much more convenient, although not convenient enough - since one might want to enable/disable Javascript automatically on a domain basis, which is why this should be best handled by extensions that are free to innovate the UI.
And while we are at it, I wish Firefox would add a search box in that Preferences panel. Its usefulness has been demonstrated in Chrome's Settings and Windows' Control Panel.
Also, Firefox rocks and I'm so happy to see it improve.
As for enabling it by domain, check out the "noscript" extension. I've been running it for a couple years and it (a) lets you see from which domains a page is loading Javascript files and (b) lets you enable/disable Javascript from particular domains. I've never enabled facebook.com, for instance, since I don't have an account there and I don't like the idea that every page out there with a "like" button is tracking me.
Name another browser where the Firebug-like functionality is an extension and not something built-in.
So many times when speaking to employers/product owners about progressive enhancement of JavaScript components, the answer I get back is along the lines of "we don't care about that" or "we don't have the time". Sometimes in conversations with other developers too. I think this change will contribute to an increase in that attitude.
Progressively enhancing a website enables you to still deliver a whizz-bang, fancy-pants UI but ensure that it degrades to a sane text document when viewed in, say, lynx [1]. And it doesn't mean doubling the development time of every feature, which I often hear cited as an argument against. Often it can involve providing a very cut-down equivalent that takes relatively little time to build.
Should we care about people that turn off JavaScript or use a non-JavaScript browser enough to write code for them? Given that the web is an open, standards-based platform, I think we should.
But Majority of Users, My guess that is 60-70% of them, wont even know what Javascript is or mean.
My bet is that there is Less then 10% of users who cares about this. And less then 5% who just cant stand to disable it in about:config instead of UI.
And It is true what Mozilla have pointed out, Disabling even some totally unrelated Javascripts like tracking will somtimes make a mess of Websites. I have seen it far too many times with Ghostery.
For those 5% who REALLY cares about Disabling Javascript for any reasons because you think you know so much. I dont see why using an Add-On or going to about:config searching for Disable Javascript is such as big hassle.
And if you DO have such a big concern over a missing UI features, you can always go to Opera.
The idea is that JavaScript allows a relatively safe way to do that in a sandboxed environment (the browser) that is available on almost every computer.
The developers who really want the web to just be a bunch of static HTML are actually inhibiting that vision of a web platform. Because if disabling JavaScript were to become popular, that takes away that capability of web browsers to run applications. The conversation would go from something like "we can use JavaScript and this application will run for anyone who has a new version of Firefox, Chrome, or IE10/11, or Safari" to "we can deploy our application to the latest browsers, but we will have to first present a screen asking users to enable JavaScript on our site" or something along those lines. It goes from being a ubiquitous cross-platform solution to one that will only run for people who like JavaScript.
JavaScript in the browser is by far the best option we have now and in the foreseeable future for easily deploying applications across different types of operating systems and even devices.
Its amazing to me how many people don't appreciate that goal or really take it into account.
It's only being removed from the UI
The backend ability is still there.
Extensions like no-script and yes-script (I prefer) will still function.
Even if such functionality can be restored by using about:config, or by installing extensions, it becomes a hassle.
They did this with the menu bar, and it hurt Firefox's usability. Now many of us have to waste time and effort reconfiguring it to make the menu bar reappear every time I install Firefox.
They did this with the status bar, and it hurt Firefox's usability. Now many of us have to waste time installing extensions to restore this core functionality.
This case may be even worse, because it's not a one-time fix. Now we'll have to go digging through about:config options each time we want to disable JavaScript, or wait until Firefox 24 so we can disable JavaScript through the developer tools.
Many of us are just plain getting fed up with Mozilla's bad decisions, and very justifiably so.
- How does removing the status bar hurt usability? You still see links when you hover over them, and the add-on bar can be toggled instantly with Ctrl+/
- Always displaying the menu bar by default is a waste of space, it can still easily be accessed with Alt or configured to always display.
Honestly you seem to just dislike change, and I'd advise you to simply turn off automatic updates. The rest of us are happy for improvements to be made.
Today, browsers have far more in common (regarding js/dom) with each other (IE8+ too) than at any point pre-2005. And it is about damned time. I still think the likes of jQuery round out a ton of those rough edges, and it still disappoints me to see so many who hate JS because they want it to be (insert preferred language here).
JS is, and has been my favorite language for a very long time.
I'd prefer if browsers treated the Web as less of a black box, and if they erred more toward helping users understand the world they are exploring.
Hey, Chrome folks, Firefox has this great thing called NoScript. I realize Chrome doesn't have that, so you have to manually disable/enable JavaScript. We just use NoScript, as we have for years, which does a lot more. Firefox users don't rely on the "Disable JavaScript" option, nor ever did.
This is a nonissue, but continue to make it more than it is.
I'd be mad about this, except I haven't used firefox in years. One less reason to go back I guess.
How are we meant to handle AJAX requests that fetch data to display on the web page that allows users to achieve the goal of their visit? Without JS enabled, that part of the page will be blank, and many modern, rich content-heavy sites now pull data from different places on the fly, it's just how it is.
Is your idea of gracefully handling this situation putting a noscript tag there saying "please enable JS"? If so, what exactly is your problem with removing the option which we only ask users to re-enable anyway?
As many others have pointed out, you can still disable JS if you really need to. It's average non-technical users who don't require that option.
You would be surprised what non-geeks tend to do when they have no clue what to do.
You are on the mark.
You clearly haven't worked with the same non-technical users I have. It took ages to figure out that "use TLS" getting unchecked was the reason our site wouldn't load for one particular visitor.
I wholeheartedly support removing all of these check boxes.
Unfortunately, its main weakness is that (as far as I know) it's not integrated in to emacs as w3m is. If it was, I'd probably look to it as a serious contender. But since it's not, I'm afraid I'm stuck with w3m -- for better or for worse. (Right now, it's for better, as I'm quite satisfied with w3m -- except for my occasional Javascript needs, for which I fall back to Firefox, Opera, or Chromium).
(I agree that the changing of existing settings is the offensive part.)
It's faster. Much faster. Every time I disable noscript to use some website (90% of the time it's video that doesn't work) I'm always astonished how much GARBAGE most website have. Totally useless stuff.
Popup boxes, annoying underlining with mouse overs, certificate verifiers, bookmarks, social network promoters, chat boxes, and helpers galore.
I suppose that stuff pays the bills? Maybe. But pages are so much faster without it.
Advertising for paying the bills, analytics tracking to work out who is using their site, chat/comments boxes for social interaction.
For some people and some sites, the answer is an obvious yes. Especially when the script is an integral part of the app or site you're visiting, such as a game or a highly interactive tool.
Sometimes though, the content should be enough. There are plenty of sites out there, like blogs, that shouldn't need js to provide their primary function. For example, I don't feel that I should need to enable client side scripting to view a 140 character tweet on the twitter site.
For some people, tracking via js is the primary concern, and in their case it makes sense to disable js whenever possible, and use offline tools for everything that needs to be interactive.
In any case, this move has a solid precedent, and as others have noted there are plenty of plugins that allow granular control over js execution.
Security, performance, JS ads ...
>> Every single common-use browser on the Internet supports Javascript
My company provides a web based app to Fortune 500 banks, around 15% of the browsers we see have JS disabled.
Security? The browser sandboxes everything.
How many are bots/scrapers?
Every mainstream browser supports Flash, too - does that mean Flash is the way of the future?
I run with NoScript, and it makes the web a quieter, more peaceful place.
I don't block and selectively whitelist javascript, but I think I'd barely notice if I did. Maybe I'll give it a shot some time.
I'm starting to feel old, since no one seems to remember HTML webpages instead of apps or those people that would say they can "program" html.
Google Section 508 and you'll see what I mean. Go ahead and build your site to use javascript, but don't continue under the false pretense that everyone needs/can use javascript.
If I just want to read content, I'm not interested in running your application. I'd rather keep Javascript off and retain my anonymity.
If I actually want to use your application, then sure, I'll enable Javascript for your site.
Stop talking. Start doing instead. Employers and product owners are hiring you for your skills, so use them. Don't ask permission to follow best practice, just do. You are more than a code monkey.
Do your employers really not care if a third party outside of their control decide to do something to affect the availability of their site?
Do your employers control, audit and manage every single byte that gets delivered as part of their website? For those they don't completely and accurately manage and control, how do they absolutely ensure that every byte that needs to be delivered arrives correctly and is interpreted correctly in their users browser? How do they remove the risk of all those server hops between their web server and the customer's browser? How do they control that?
The Web cannot be controlled or managed in this way. There are simply too many factors outside of a website owners control that affect how their site is perceived by customers. Without pragmatic approaches it's either an all-or-completely-broken situation, or when a site is built properly with progressive enhancement, a slight degradation of usability that customers don't really notice - because the core experience just works.
https://www.gov.uk/service-manual/making-software/progressiv...
Want a good data point? How about a couple that decided rather vocally that progressive enhancement is dead. $100,000 spent on a bootstrapped application, and then this astonishing comment: http://unicornfree.com/2013/why-we-shut-down-charm-on-the-ev... -- read the third paragraph of that comment.
Sometimes, it's an expensive lesson to learn.
The web should be words and documents first (I think this page is worth reading http://justinjackson.ca/words.html). It's too late to say but if you want a sandboxed application platform, develop it out of the web. I still believe the plug-in was not a that bad idea, not the best idea though. At least you can disable it anytime and you have freedom of choice.
I suspect that the back button will be eliminated next. Because it collapses most web applications and "user experience".
If the web want to become a perfect application platform, all virtue of the web will be lost.
Web has always been about managing documents in one way or the other. Now those documents are interactive and interesting to watch and listen.
I mean, if my old chem book had cool animations I could tinker with I'd probably be having fun with it right now. I don't understand the outcry for GOW. It's still around and you can still make those sites, but they are usually hard to read (no fancy column layout to make it easy on the eyes) and you have to be a great writer to really engage the audience.
Going back to GOW won't make bad writters instantly better. No more than returning to 8-bit graphic won't instantly make all games better.
It didn't start out as lets make an application platform that can be accessed via url, it was make a document format (html) and share them over a network protocol (http) and provide scripting with javascript, and when everyone and their moms PC had that, developers started saying "can't we make that into a full blown application platform?" (besides failed experiments like java plugins or flash as an application framework)
I really wish we had just let html be documents and made a real remote-access application framework to work along side it, rather than having your program be 2 - 3 tags of html and 5MB of js. I'd much rather be sharing a qml application than an html5 one, because the latter was ground up designed to be a full featured interactive graphical interface program.
That would actually be neat, if browser engines included a qml parser and could load qml files as programs in the browser window frame. It is just extended javascript after all.
[1]: http://surf.suckless.org/
[2]: http://uzbl.org/
Don't get me wrong, I always wished Opera mainstream success. But I think there is also something to be said for niches, and the desire to appease the existing average just because the balance book says that's the best, needs to be called out on sight. Imagine authors only writing books 98% of the people agreed with or cared about. We'd still be in caves with that attitude.
I know making tools isn't exactly the same, but it's also not totally different, IMHO. We need to aim higher than were we are. Every sports fan knows more and more complicated facts than even using all features of Opera would require. Riding a bicycle, much less driving a car, is more complicated than being aware of what option you just clicked - ffs!
If even Firefox can't help but caving in like that, I simply won't dare to hope Opera does better, until I actually see that happening.
I am sorry for ranting, this topic is a huge pet peeve of me. Like when Apple talked about how folder hierarchies are "too complicated", gah. I know I'm expecting too much of people, but I really would rather err on the side of that, than on the side of expecting too little, and then getting exactly that.
They'll probably add most of it back, but it'll take a long time.
about:config is not as convenient to use as a checkbox in the preferences dialog. If what you're suggesting were actually true, then there'd be no need for a preferences dialog at all, and all users would configure Firefox using about:config. But we both know that isn't true. It is not convenient to remember the name of a specific about:config option, especially when the names change periodically. Even filtering by part of the option name isn't convenient, as that requires remembering Mozilla's terminology, and using a general term like "javascript" still leaves many options to sift through manually.
As for the status bar, the URL popup shown when hovering over links is much less usable than the status bar. It is harder to quickly focus on, for instance. Having to remember yet another obscure keyboard shortcut for functionality that should be enable by default, like the addon bar, does not promote usability, as well.
The menu bar is not a "waste of space" because it more than pays back its cost by making a huge amount of commonly-used functionality very easily accessible. It is especially valuable because of the cross-application conventions it embodies, making it take even less effort to perform common tasks.
We shouldn't have to manually enable core functionality like menus or the status bar, for example. Such functionality should already be enabled by default when Firefox is first installed. Anyone who doesn't like the menu bar or the status bar should have the option to disable them, of course. But they should not have been disabled by default, or even removed completely.
[1] http://mashable.com/2013/06/17/ad-blocker-helps-ad-industry/
tbh a global Javascript toggle is a bit useless. You really need the fine grain per-domain settings of No-script to navigate the modern web.
Observe:
<noscript>
The webpage you are viewing may
not work correctly because the following
options differ from their default values:
1. Enable automatic loading of images.
2. Enable JavaScript.
These features of Firefox are essential
for most webpages to run properly. If the
webpage you are trying to access is behaving
strangely or appears to be working incorrectly,
<a href="">click here</a> to load the page
with the default browser configuration.
</noscript>Also: how is that not a dialog? It presents a message to the user, and waits for a reply.
I still think 'no JavaScript' is a niche feature that is best delegated to an extension that sports a whitelist or a blacklist of scripts to allow/forbid. A variation on Adblock would work fine (maybe, Adblock already can be used to blacklist JavaScript. If so, it is a matter of tweaking its UI)
Certain lyrics sites disable right-click to prevent "theft".
Certain sites disable right-click for aesthetics or to prevent me from seeing the page source.
This news just makes me glad I'm on chrome.
EDIT: Per this comment [1] holding shift causes Firefox to bypass event handlers, so hopefully that wouldn't be possible.
Knight turned the machine off and on.
The machine worked. [http://planetvermont.com/v9n2/machine.html]
I can say the new version I am working on looks better, and is actually usable on a phone, just the same, I am not sure I'd like to see the UX on a bandwidth constrained mobile connection.. it's still well under 1MB total, but it seems that we should be working towards being under 100K for an initial load, and given all the targets for different browsers, and work arounds, and libraries, tools etc.. I just don't know where we are going.
We have more target browsers and size constraints than ever, and it's more complicated than ever. I don't miss the V4 browser wars (IE4/NN4) but it seems that targeting a 700px wide or 960px wide site was way easier than the rules today, mobile first or not.
I read threads like this all the time: someone talks about "non-technical users" or "your grandma" or "pointy-haired bosses" or the like, and then goes to great length to discuss, in detail, the capacities or cognitive styles or knowledge base of members of these hypothetical categories.
It all seems like a bunch of arbitrary assumptions.
Most of the time it's a small bar on the top or bottom of the screen. Stop whining.
The point is that it is relatively trivial for the developer to add automated checks for per-requisites and display warnings for the ones that are missing. It is a lot harder for each user to manually run down through the list of all the things that could go wrong.
If they are missing, tell me your site needs javascript or cookies to operate and I might enable them for your site and give it another shot. But if I just get a catastrophic failure without explanation then I'll probably hit "back" and pick another similar site out of the google search results that brought me there.
Just don't make the warnings into roadblocks. Inform the user and let them decide to proceed or not.
w3m has image support in some terminals though, which fascinates me. I feel like I should probably investigate that some more.
xterm http://distrowatch.com/weekly.php?issue=20120402
I installed the w3m-img package on Ubuntu 1304, running it in xterm allows image viewing inline.
Irony: The Web page I linked to above has screen shots showing step by step how to install and run w3m. The Web page design requires javascript to display the screen shots! I wonder why web page designers do this?
Further, the notion of it as a lost battle is unfortunate because we're not discussing a binary choice between two opposing sides here. As an approach, progressive enhancement of JavaScript UIs enables developers to deliver an experience that degrades sanely in non-JS environments.
However, I will concede that your opinion appears to be the most commonly-held one, even among some developers. And it's probably not going to change for the better with news like this Firefox development... :-/
There's already so many moving parts, saying "this browser handles cookies, every newest features of css, html5 and everything. Except js won't run." is just a recipe for ugly user experiences.
Slightly OT, IMO blacklisting specific js (e.g facebook, twitter etc), or having browser giving an option to kill scripts that take too much time or too many resources should be healthier for the devs and the user than just turning js off on the whole site.
Anyone interested in psychology should do phone support for a few weeks...
My guess is that they dismiss error boxes too quickly, or work ahead of you and are afraid that you'll figure it out if they tell you what their error box actually says, and they'll get an F on the test and will have to go to summer school.
There are plenty options that can bug your browser or leave you unable to surf, why remove this particular one?
If you think users aren't that stupid, you're wrong, they are that stupid. If you think people should not use the Internet if they don't understand that much, then you're suggesting kicking a large chunk of the population off the Internet. If you work in IT, kicking a lot of people off the Internet is a surefire way to reduce your industry's size.
Not if someone borrowing your computer for 5 minutes disables it.
And all for what? Someone who isn't going to make us anything near the time it will take to develop.
I'm not saying what you want is wrong. Rather, what you are asking for is to have a game written in c to be rewritten in python because you don't want to use c applications.
Personally I don't block javascript that comes from the same domain as the page. Just 3rd party stuff.
This cuts out the majority of the garbage while still letting most sites work. (I've whitelisted a bunch on CDNs.)
I allow analytics.
And I am not interested in social interaction, because the comments are so intensely stupid you become dumber just by your computer loading them.
Correct. However, this is not true for the the browser owner who owns the computer that the javascript executes on. What rights to my hardware, my electricity, and my bandwidth should the website owner actually have?
For the minority that do click on advertising, or do not get a instant distaste for any company displayed on advertising that are forcible pushed into ones face, I suggest using a opt-in system. Same goes for tracking, or the constant push for integrating different companies websites with ones personal social network profile.
Last, the golden days of pay-with-your-eyeballs or pay-with-your-personal-data supported services might be counting down. Sooner or later, tax officers will start consider those as transaction as any other, and thus enforce taxes on them.
The assertion is that 'configuration creep' is overwhelming for the unsophisticated user in the first place, adding even more notes and explanations to all the configuration options is not going to help.
Really? I would think that sign would help everyone who knew how to read, bothered to read, and wanted their car to run. A sign with a simple message like that was enough to fix one national timeclock system that I worked on. "Do not do X before 12:00 Noon unless Y." in English, Spanish, and Polish.
For the people who still messed it up that we found by using heuristics on all of the punch data, we sent reports to their managers that said that they had probably done something wrong. After 3 or 4 cycles of this, the failure rate went from 15-20% to 1-2%.
Unsophisticated users remain unsophisticated users if you systematically remove configuration until the application only does one thing one way, badly.
> The final choice of name caused confusion, giving the impression that the language was a spin-off of the Java programming language, and the choice has been characterized by many as a marketing ploy by Netscape to give JavaScript the cachet of what was then the hot new web programming language.
Also, browsers aren't bug-free, and enabling Javascript significantly increases the attack surface.
Examples of browsers that embedded Gekko: Camino (a Firefox fork for OS X that happened in a time when Firefox wasn't as polished for OS X), Flock and K-Meleon. Google's Picassa for Linux was also using Gekko.
Also, Firefox's UI toolkit is not GTK, but rather XUL+XPCOM, abstracting over the various native toolkits: https://developer.mozilla.org/en/docs/XUL
Only Firefox on Linux uses GTK. Even on Linux, there have been previous attempts at supporting Qt as the backend for KDE, but all failed because of the easiness with which you can make GTK look like whatever KDE theme you've got selected - not perfect, but the flaws where not enough to gather interest in further development.
There's even XULRunner, for easily building and packaging XUL+XPCOM standalone apps: https://developer.mozilla.org/en-US/docs/XULRunner
This isn't to say that XUL/Gekko are perfect as their complexity was often the subject of criticism, which is why Mozilla replaced XUL completely with HTML5 in Firefox OS and will probably do so in future Firefox versions - as they are also working on Servo, a next-gen rendering engine that doesn't do XUL anymore: http://www.mozilla.org/en-US/research/projects/
Imagine a browser who's every facet and functionality is customizable by HTML5/Javascript extensions that you can install with one click. That's what Firefox already is - the Emacs of browsers.
For example, if my Firebug example wasn't enough, when Chrome was released, many people loved the light download progress functionality that wasn't opening an annoying modal window. Pretty soon an extension called the Download Statusbar happened: https://addons.mozilla.org/en-US/firefox/addon/download-stat...
True, but only goes to show my point - if firefox's extension mechanism made it so super-customizable, surely there would be no need for such browsers?
>Firefox's UI toolkit is not GTK, but rather XUL+XPCOM
Fair enough, but the point stands; when writing extensions you're restricted to using the XUL toolkit. Contrast with e.g. activex-based add-ons in Internet Explorer, where AIUI you get the standard windows API and can thus use any toolkit you like.
>Imagine a browser who's every facet and functionality is customizable by HTML5/Javascript extensions that you can install with one click.
I'm happy to believe that Firefox is the browser that's easiest to customize in HTML5/Javascript, I just think that's a very arbitrary line to draw. IE addons can be any language you like (because again they're just using the standard APIs) and can be installed with one click.
There are plenty of good things about firefox, but I don't think you can say it's more or less customizable than the alternatives without defining customizability in a very arbitrary way. All browsers have a succession of methods of customization, from simple userjs to custom extension formats to embedding the engine in a new executable, with the power and complexity increasing at each step. That firefox's "extensions" lie at a bit more powerful and complex point along the line than chrome's is not the basis for this blanket claim of greater customizability.
And it doesn't force you to use GTK for your UI.
The problem is that once trained, people start doing it instinctively, even with the people that can actualy help.
You might think AJAX is amazing, but I call it an accessibility nightmare.
Make the request from your server, parse it on your server, template it on your server, and deliver the HTML result to your user.
> Without JS enabled, that part of the page will be blank, and many modern, rich content-heavy sites now pull data from different places on the fly, it's just how it is.
Perhaps the developers of these modern, rich content-heavy sites can learn how to do their jobs properly?
> Is your idea of gracefully handling this situation putting a noscript tag there saying "please enable JS"?
No. It goes far deeper than that, naturally. Progressive enhancement ( https://www.gov.uk/service-manual/making-software/progressiv... ) is about defining what is considered the core experience, defining the true value your site offers to your users, identifying the use cases that are utterly essential. It's these features that should be _implemented_ in a way that doesn't depend on JavaScript. So you build this layer first, and get it working. Then, you identify the enhancements, user experience improvements, the bells & whistles, and use JavaScript to fill in those gaps. Confident in the knowledge that should the JavaScript fail (for a plethora of different and uncontrollable reasons) the core experience will continue working. Then you consider the nice-to-have features, and decide how much of that is appropriate to incorporate as a core-experience level, and what improvements can be made with JavaScript.
Sometimes it comes down to doing it with client side AJAX, or not doing it at all.
With developers learning to do their jobs properly, sure when the luxury of time and starting a new site from scratch is on your side. And with backend developers and engineers ready to configure the ultimate content delivery mechanisms. But what of when you don't have that luxury? What then? Just decline the job? Maybe, but then someone else will come along and do the AJAX, and get paid because the content appears when the site loads every single time (provided JS is enabled ;-).
But, yes, clearly, the goal is removing configuration until the app does one thing well, not badly.
If you know your car runs on gasoline, and you don't know the difference between gasoline and diesel, then you see a sign that says "diesel is not gasoline," you know that diesel is not what you're looking for - even though you still don't know the difference.
Regardless of the laws, though, when a site fails to function, it should tell you when cookies are the reason. It's not hard to do.
Users with js still get the "fuller" experience, but users who choose to disable js still have full access to the site.
This "extra functionality" is the same "extra functionality" as having a safety cage designed and implemented in a car. Sure, it's just extra functionality that most people will never ever use. Hopefully. Touch wood.
Nobody is forcing developers to give a damn about accessibility, but it's a bit sad that so many have thrown graceful degradation out the window.
Although some counter by saying that you shouldn't need to provide wheelchair ramps for the < 1% of people who are unable to use stairs.
Sometimes it's not just about ROI.
Not that most web apps wouldn't implement it that way to begin with anyway, but this would be the only choice with a HTML-only site.
So? A complete HN page is smaller than JQuery.
If you disagree with me, and believe it can, I would just love to see a webpage that dumps out valuable data inside my browser. I'll visit it without any browser plugins using the same session I have been using for over a month, promise!
Imagine if Excel employed this philosophy. It wouldn't be useful to anyone.
Is this different in Office 2010 or any of the newer versions of Office? I mostly use LibreOffice and even there it has the same "all GUI" functionality.
Same for scatter plot, import csv files delimited with % marks, and the ipmt() function?
Obviously anything on the 'Advanced...' dialog makes an easy target.
Right. That's what they should be.
Software exists to provide utility for users, not to instantiate designers' aesthetic visions.
https://addons.mozilla.org/en-US/firefox/extensions/?sort=us...
You are absolutely right that configurability is a sign of laziness, the opposite of hard work. But removing configurability is _not_ the sign of hard work. Hard work means addressing the interests of all parties, and Mozilla did not do that.
Why do those 2% of users disable JavaScript? It's in reaction to how JavaScript is used: it enables popups, enables distracting advertisements, lets all sorts of companies track me, makes sites load more slowly, etc. For this 2%, these uses are so odious as to outweigh the beneficial uses of JavaScript. So the hard work would be finding a way to distinguish between the user-friendly and user-hostile uses of JavaScript, and just disable the user-hostile ones, so that the interests of both classes of users would be satisfied.
This would not be new: Firefox's popup blocker is enabled by default, which demonstrates that JavaScript is already disabled for a particular use case, because it proved to be annoying to users. Why not take that a step further? If Mozilla wants to force JavaScript on, they should also address the reasons why that 2% of users go out of their way to disable it today. If those 2% say "I used to disable JavaScript, but now I don't have to" then Mozilla will have done their job.
Assuming you're correct (which I'm not convinced you are), when you then continue, "I have a checkbox that will make it so they don't track you, but it will also break those sites. Is that ok?" They will also respond "hello no".
Firefox's popup blocker is enabled by default, which demonstrates that JavaScript is already disabled for a particular use case, because it proved to be annoying to users. Why not take that a step further?
Right, because you can easily say that a non-user-triggered window.open() is almost always unwanted. I can't think of any other cases where it's so clear-cut and related to JS, or that disabling a particular facet of JS always would be a net win.
If you're going to claim that there's something like that, provide examples. How do you know people at Mozilla haven't already thought hard about this problem and decided there isn't much more they can do? I bet they have.
> "I have a checkbox that will make it so they don't track you, but it will also break those sites. Is that ok?" They will also respond "hello no".
This overstates the case most of the time because doing this generally breaks relatively little for those domains listed, and to the extent it doesn't, making that decision on a domain-by-domain basis seems to work pretty well (ask any Noscript user)
But besides that and besides that your usage statistics are being logged on the server itself regardless of what you do. Expecting Mozilla or any company to figure out how to block a javascript put request sent to Facebook, but not other put requests which are there by design of the site will only result in Facebook finding a workaround.
It's unfortunate that some people use Javascript in ways that slow down their site. For example with horrendous 'sharing' widgets. You can use plugins to disable those items from loading but it wouldn't be Mozilla's place to decide that on everyone's behalf.
These days Javascript is as much a part of websites as the HTML itself.
Google also tracks the links I click when I am on CNN, ABC News, Fox News, MSN, LinkedIn, and the majority of sites I visit (with the important exceptions of Wikipedia and BBC News - thanks guys!). Advertisers track me when I am not even on their properties! That is what is objectionable, and what is defeated by disabling JavaScript.
> Expecting Mozilla or any company to figure out how to block a javascript put request sent to Facebook, but not other put requests which are there by design of the site will only result in Facebook finding a workaround.
Perhaps, but Mozilla should do it anyways.
Remember the ruckus over IE 10 enabling Do Not Track by default? Advertisers and ad brokers were “very concerned”[1] by even the whiff of a browser maker acting in the interest of users over advertisers. Do Not Track is only tolerable if it is off by default, wholly unenforceable, and just as buried as the “Enable JavaScript” option.
Make no mistake: advertisers believe that they have a right to know what links you click and sites you visit across the whole web, and even a right to enlist your browser to aid in informing them. And Mozilla is complicit!
(And why not? Recall who pays Mozilla’s bills.)
> These days Javascript is as much a part of websites as the HTML itself.
Yes, which means that those few who disable JavaScript pay a significant price for that decision. Nobody disables JavaScript because they hate the language. They do it to escape user-hostile JavaScript programs.
[1] http://www.businesswire.com/news/home/20120531006914/en/Digi...
As far as blowing off your leg, sometimes you just really hate tennis elbow, you know?
If we follow this thinking too far, we end up with a closed console like device, or Gnome 4 as parodied last April [1].
Surely there is a case for progressive revealing/enabling of advanced functions?
In the UK, the Blackberry phones are very popular with teenagers because of BBM. This desire to access BBM even extends to students carrying two phones, one an old blackberry handset on wifi and the other an iPhone or whatever. You will find small groups in corners at lunchtime exploring the features of the handsets. Experts will coach those who know less. If I could get that level of peer tutoring going in Maths, I'd have my OBE in the bag quite soon! Users can increase their knowledge provided the unfolding of extra features is managed.
The downside of progressive functions in the base install is that the core Firefox team would have to support all the functions.
To be most intuitive to use, computers should converse like a human. Humans have LOTS of options, and everyone understands that. E.g. if I ask a human to make a sandwich, I can specify all the ingredients I want, how and when I want it, and so on.
The ideal computer, too, would adjust its software to my preference. E.g. if I can, using natural language, explain the computer that I want JavaScript disabled, it can figure out what that means and what in the source code or flags of Firefox it has to change for me to have that disabled. Or if I tell it I want a big refresh button in the center of the screen, it can improvise and render one for me.
Far future of course, but that is the most intuitive end goal of computers: you ask them what you want in natural language, they understand and provide it.
For now, because the above does not yet work, please provide options. Fortunately Firefox provides many options for those who need them: about:config. I find it really awesome if you can adjust an application to your needs at such fine grained level.
Adding more in the way you prescribe isn't just adding more, but officially supporting more at the code level and user level.
Depends who you ask. My mate and a few close friends would know to make me a sandwich without bread, but hardly anyone else would get that right.
Why would scared people even open the settings dialog?
A naive user would then open settings in an emotional and annoyed state and would turn off anything that caused an emotional response of fear. JavaScript, Ive heard of that and I don't like it so kill it stupid thing computers are so frustrating they never work. Click
And now your browser is broken.
And in any case, for those that want it, it's in about:config ... I doubt anyone who should be disabling JS would be looking around for it in a config frame, and not do a quick google search. I've generally adjusted most of my settings via about:config, mostly cache related for me, but if I'm playing with js settings etc.. it's easier to keep a tab open with about:config than a modal.
And all of this actually is equivalent to the "uncommon" VBA coding that you hear of. I wouldn't be surprised if all of the VBA code / spreadsheets you hear about evolved from one of these massive GUI created spreadsheets. Why? Anecdote time:
Those VBA sheets tend to come into existence when a non-programmer decides to learn about macros, updates one of these sheets to be simpler (less data entry), and it actually works. One of my friends was one such employee and she ended up converting a few of the inefficient spreadsheets into a single faster (though still slow) one. Due to cutting down the amount of manual data entry and processing time, it made what used to take a few days of work into a single day of work (mostly to have the sheet run calculations). If this creation gets useful enough, it can take a life of its own in the company and eventually some manager might make it the responsibility of an "IT" guy to update the code. Usually because the original employee got promoted (or left for a better job) due to killing their performance reviews. My friend was one such employee who left and actually did this at more than 1 company leading to a pretty damn well paying job at a young age. Last she heard, her original spreadsheet was still being used and semi-maintained by IT. And this it how I believe a lot of those VBA coding projects come into existence.
How this all connects back to FF and the javascript option, I have no idea. What I do know is that non-technical users can be pretty goddamn creative when it comes to finding ways to simulate uncommon functionality when needed. All via the GUI.
This meant that he freed up plenty of time for the entire team he was on. Unfortunately, this meant that they now had surplus staff, and as the newest arrival, he was the first to let go.
Yeah, incredibly backwards internal politics, but I swear it's true.
On (multiple) repeated readings, I'm not really sure you were intending to make a point one way or the other. If I attribute the second sentence of It IS effective in the sense that running no javascript really limits the amount of information people can learn about your system. Like, why should a website be able to learn about the size of my screen, the complete enumeration of all of my plugins and fonts, etc? to your voice, then it seems you are. If that's to be taken as the user's voice as rationale as to why JS doesn't need to be enabled, then it's fairly neutral.
At this point, with your reply taken into consideration, I'm confused. Feel free to elaborate.
> If ... you are doing Internet wrong
Well, my first sentence was actually asking you, since I wasn't sure.
Broad enumeration capabilities of this sort don't make sense. You don't need me to tell you why, because the moment you considered these features not existing, you immediately thought up alternatives that didn't involve running javascript, some of which require changes in the way people think about building web-pages, some of which may require changes in various specifications.
JS has more features than it deserves for learning about and (critically) sharing information about the host platform. Yes, you can still learn some things as a website operator by watching what browsers load/don't load, and what they put in their requests.
That does not mean that disabling javascript doesn't have value w/r to privacy concerns. Compare panopticlick.eff.org w/, w/o javascript enabled.
Edit: I should hasten to add that there are other concerns beyond privacy, like accessibility and the fact that a web page has no bloody business deciding that I'm likely running an iPad and therefor I shouldn't have access to X or Y. This is dumb, and contrary to the idea of the open internet. It's the same thing that's wrong with this EME nonsense.
I can get behind most of what you say - as long as we are talking about simple, presentation based websites.
Where I think there's a breakdown in this view is when you consider complex web applications, including games. At that point, I believe some level of inspection capabilities are required, if we desire to have complex web apps delivered through the internet. I'm by no means sold that on-demand web delivered code is necessarily a good thing though. There's far too large a surface area to adequately secure while still making it useful, IMHO.