This was an interesting bit of discussion today over on Mastodon about JavaScript. Generally speaking, I fall on the side of less JavaScript is better, mostly because my laptop is underpowered and JavaScript websites get real resource-intensive real fast. Especially when ads, advertisers, ad networks, marketing companies [waves at old job], and the like are loading in their own JavaScript on top of whatever the base website uses. Hell, I’d argue that JavaScript that’s only run by the website you’re accessing directly is probably fine most of the time, it’s the ads, and related stuff like tech to dynamically serve the ads, that make JS a pain to deal with.
I quickly learned there’s a lot more reasons to dislike Javascript, at least according to this one post that I want to state right now I haven’t tracked down secondary/confirming sources for:
Which is a lot to chew on!
Please note that Mastodon is a plus, both for me and the list-maker. It also sucks to know that guy runs Brave, because Brave is full of good ideas and I’d like to see its “put up a pot of money you define per month, it gets divided between the websites you visited in a given month” model take off. Seems like a really good way to solve the whole “relying on ads and/or possibly inconsistent tools like kickstarter or patreon” thing.
This also led me to stumble onto (or I came upon it on accident earlier in the day, I don’t remember), Richard Stallman’s writeup of his strong stance against “nontrivial nonfree JavaScript programs.” Which is an interesting read if you have the time.
Lucky for lil’ old extremely easily-influenced me, another Mastodon user stepped in to remind us that, in the end, JavaScript is a tool and also enables some cool things, so maybe don’t dismiss the foundation of what makes the modern dynamic web page completely possible:
They followed that up with the very good point that any sort of replacement for Javascript would necessarily have the same capabilities, and thus the same ways it could be exploited, as JavaScript currently does.
It did get me thinking about how many websites we have that need to be dynamic. I think a lot of sites with fancy animations and dynamically loading timelines and stuff don’t necessarily need them. There’s no reason your timeline on Facebook couldn’t be paginated (except then THE ALGORITHM [scare chord] has less to mess with).
We could also have an alternative mode where we use static pages for everything on-line, with server-side updating that we access via simply refreshing the page. (Thank you to @c25l@wandering.shop for unpacking the specifics of my “what if we used HTML and user hard-refreshing?” idea.) If we want something dynamic, we use an app like TweetDeck (RIP buddy), which I imagine would be a lot easier on the CPU, RAM, and bandwidth of a given computer. Plus then we get to choose if we want the resource-heavy version or the lightweight version, and make it so the web is a little bit faster for everyone.
Meanwhile, I tried to think of another solution:
Maybe I need to think a little more on this one. 😉
There are a *few* points of exploitability in ES that aren’t strictly necessary. The biggest thing is the top level object being mutable, and just generally the lack of any kind of namespacing / privacy concept. That stuff means any bad code you’re running because of e.g. a rogue ad can break into your good code way too easily.
That said, the fact that ad networks are serving code per se really is a much worse problem than the language they’re serving it in.