Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

"In the past couple years, however, I have noticed a new phenomenon. Remarkably - madly, in my view - there are webpages, webpages that should be simple, webpages by all appearances that consist of nothing more than a photo (maybe more than one), a byline, and a few hundred words of text, that require Javascript to load. As in, you will get a a blank page or an error message if you don't have their scripts enabled."

I use noscript as default and I'm noticing the same thing. I post them to twitter. Here's a sample:

- 'Here are the instructions how to enable #JavaScript in your #web #browser.'

- 'For full functionality of this site it is necessary to enable #JavaScript.'

- You must enable #javascript in order to use #Slack. You can do this in your #browser settings.

- 'You appear to have #JavaScript disabled, or are running a non-JavaScript capable #web #browser.'

- 'Please note: Many features of this site require #JavaScript.'

- 'Tinkercad requires #HTML5/#WebGL to work properly. It looks like your #browser does not support WebGL.'

- 'Warning: The NCBI web site requires #JavaScript to function. more...'

- 'Whoops! Our site requires #JavaScript to operate. Please allow JavaScript in order to use our site.'

- 'The #media could not be played.'

- 'Notice: While #Javascript is not essential for this website, your interaction with the content will be limited.'

- 'Powered by #Discourse, best viewed with #JavaScript enabled'



It shouldn't be surprising that Tinkercad and Slack require JS.


Seriously, did they think Tinkercad was just going to be a pile of CSS transforms?


He's probably talking about their home page, which is just text and images selling their product.


"Seriously, did they think Tinkercad was just going to be a pile of CSS transforms?"

To read the front page?


Seriously, I remember using a web chat client (might have been an old version of mibbit) which was "minimal" JS. Basically server side rendering of the incoming messages plus periodic page refreshes. It was a very poor user experience.


pomf.se used to have:

>Enable JavaScript you fucking autist neckbeard, it's not gonna hurt you

It always gave me a chuckle. Most of its clones still have it (e.g. pomf.cat).


From the FAQ at pomf.cat:

> All filetypes but exe, scr, vbs, bat, cmd, html, htm, msi files are allowed due to malware.

Yes, scripting in html never hurt anybody...


Back in the days of IE4/5 I discovered that turning JS off would very effectively stop pop-ups, pop-unders, pop-ins, slide-overs, and all other manner of irritating cruft, and it's been the default for me ever since. Conveniently, IE also provided (and AFAIK still provides) a way to whitelist sites on which to enable JS and other "high security risk" functionality, so I naturally made good use of that feature.

More recently, I remember being enticed by some site's "Enable JavaScript for a better experience" warning, and so I did, only to be immediately assaulted by a bunch of extra annoying (and extra-annoying) stuff that just made me disable it again and strengthened my position that it should remain off by default. That was certainly not what I considered "a better experience"... now I pay as little attention to those messages as I do ads, and if I don't see the content I'm looking for, I'll find a different site or use Google's cache instead.

Another point you may find shocking is that I used IE for many years with this configuration, and never got infected with malware even once from casual browsing, despite frequently visiting the shadier areas of the Internet and IE's reputation for being one of the least secure browsers. It likely is in its default configuration with JS on, but turning JS off may put it ahead of other browsers with JS on, since the (few) exploits which technically don't require JS are going to use it anyway to encode/obfuscate so as to avoid detection.


I think it is even the default on server versions of Windows since Server 2003.


> I post them to twitter.

Why?


"> I post them to twitter. ...Why?"

As a reminder to myself how lame some sites are and what happens when it's assumed JS is in use.


And on top of that, some redirect you to another page to display the no-js-warning. Then you enable JS for the site and reload but will get the same warning because you're no longer on the page you visited...

I think it is mod_pagespeed that's doing this, kinda silly.


NoScript, at least, has an option to catch and stop redirects of this kind. They can be quite funny when you can see a perfectly loaded page that wants to send you elsewhere.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: