"If you're seeing this message, that means JavaScript has been disabled on your browser.

Please enable JavaScript to make this website work."

I'm so sick of websites websites refusing to even display text and images if I don't agree to run their proprietary Javascript on my computer. Isn't it time that browsers started treating requests to run Javascript like requests to use the mic or camera, and asked the user before allowing them? Ideally with crowdsourced info about what the scripts are, and what they do? In other words, make something like #NoScript a standard part of browsers.

Show thread

@strypey Be careful what you ask for: that would kill the peer web before it started. JavaScript on the client isnโ€™t the enemy. Business logic on the server is the enemy.

@aral that's a fine distinction. As a developer, you're in a better position than I am to know. But you'll need to convince me. Because it seems to me that outsourcing processing work to the user's PC - via JS black boxes - is exactly how #SurveillanceCapitalism achieves massive scale, while claiming that #ThereIsNoAlternative to centralized server infrastructure. A myth they've propagated so effectively that even many developers have started believing it:


JavaScript isn't a black box, though. You can inspect all the code that's running in your browser.

Some JS is obfuscated, but it can be easily de-obfuscated. All browser-side JavaScript is effectively open source, even if it's not licensed as such.

If your concern is about privacy, it's not the JS running in your browser that should concern you. It's the data sent from the JavaScript to the server.

It would be reasonably simple to disable AJAX, thus preventing data to be sent to/received from the server, but allow all other JavaScript, allowing interactivity to still work.


@danjones fair points. But privacy is only a subset of a much larger concern, which is about *control*. Putting aside the argument we could have over the "black box" part of my post, the fact remains that:

> outsourcing processing work to the user's PC - via JS - is exactly how #SurveillanceCapitalism achieves massive scale, while claiming that #ThereIsNoAlternative to centralized server infrastructure.

@danjones There are many possible strategies for redecentralizing, and resolving the *many* problems with JS, some of which are described here:

I agree with @alcinnz that moving interactive functions back into native apps, leaving the web as a platform for static pages that don't require (or use) JS, is a strategy worth exploring.

@strypey @danjones @alcinnz Maybe the FSF should worry more about its logo appearing next to Googleโ€™s as they sponsor the same events than some ridiculous and ill-informed stance against a programming language that spreads FUD about potential alternatives. Remember that an AGPLv3 licensed app specifically built for drones to send hellfire missiles to little children would get the FSF seal of approval. Free Software is just a component of ethical tech but doesnโ€™t care about ethics of use cases.

@aral I share your concerns about open source events being sponsored by Google, as do FSF, but they can't control this. As for approving of child-killing drone software, that's FUD worthy of Microsoft. FSF have often spoken out about the use of freely-licensed code to do much less anti-social things than that:

Perhaps you could respond to the concerns laid out in 'The Javascript Trap' with some substance, rather than resorting to whattaboutism?
@danjones @alcinnz

@aral as for the claim that the FSF's criticisms of Javascript are a ...
> ridiculous and ill-informed stance against a programming language

I note that they're far from alone in seeing JS as a problem. Plenty of experienced engineers have serious problems with it too. A quick selection off the top of my head:
* soc.freedombone.net/objects/20
* hackernoon.com/the-javascript-
* onpon4.github.io/articles/kill
@danjones @alcinnz

@strypey @aral @danjones @alcinnz I've been programming for 30 years and I think javascript is very bad. let's not forget it killed off better alternatives at the behest of Google, who embrace it because it powers their surveillance. you can't deploy javascript without tacitly approving of Google's (and other surveillance capitalists') use of it imo.


> let's not forget it killed off better alternatives at the behest of Google

To what alternatives are you referring?

IIRC, when JavaScript was gaining steam, the closest thing to a serious contender was VBScript, which only worked in IE.

Also, Google didn't exist yet.

@strypey @aral @alcinnz

ยท Fedilab ยท 1 ยท 0 ยท 1

@danjones @strypey @aral @alcinnz Google's existed since 1996. at that time you could run Tk/Tcl scripts in Netscape navigator,with a plugin. you could run perl scripts too, which was big at the time because perl/CGI was the main way to make a web site dynamic back then. Java applets, which made an effort to be secure, were also starting to appear


None of those alternatives worked without a browser plugin, unlike JavaScript.

Because of that limitation, I wouldn't consider them as serious contenders.

And Java applets were an awful user experience.

And Google certainly didn't have the clout to kill any of those off at the time.

@strypey @aral @alcinnz

> None of those alternatives worked without a browser plugin, unlike JavaScript.

Sure, but that's only because there was no #W3C standard saying the dominant browser vendors ought to implement them in the browser, and no consensus among them on de-facto standards. Javascript is fine for prototyping, but before anything gets mainstream use, it ought to be standardized and put into all the browsers, not sent down the pipe indefinitely. It's amateurish.
@walruslifestyle @aral @alcinnz

@strypey @danjones @aral @alcinnz agree, and it's also dangerous because all it takes is a monopoly or duopoly among browser makers for the entire industry to consolidate around a technology that benefits their business interests. instead of having a healthy ecosystem of alternatives so that developer's can choose what works best for them

Sign in to participate in the conversation

What sets mastodon.host appart?

As a general instance, we are not centered on a specific theme, or a specific language. Everyone is welcome as long as they follow the few rules we have.

We always run the latest stable version of Mastodon, providing you a stock experience, with the following modifications:

  • 2048 character limit (not 500).
  • 512 character limits for the account's bio (not 160).
  • full column width (not fixed size).
  • more search results (20 instead of 5 per type of search).
  • Audio upload (not limited to videos only).
  • full text search of statuses (not restricted to searching tags and users).
  • trending tags are displayed on the main UI ( and a more complete view is available here)
  • boosts and replies are shown in the timelines (more complete view for everyone).
  • Your mastodon.host account is also a XMPP account (Federated Instant Messaging, take a look online to find a client and use your mastodon.host username and password to configure it, you can also use our online web client). Woohoo! two services in one!
  • We also have a very good view of the federation (our federated timeline gives you a more broad view of the Mastodon network than a 'normal' instance, there's a lot to read in a lot of languages).
  • We also host a Peertube instance for the convenience. Try it and let us know what you think !
  • In the same vein, we host a Funkwhale instance for the convenience. Try it and let us know what you think !
  • If you want to be on a more quiet, moderated instance, or use another AP implementation, we host a Pleroma instance for the convenience. This is the same fediverse as with Mastodon, but with a different default UI and way more optimized backend. Try and see which one you prefer !
  • Now if you want a different UI, the stock mastodon one does not please you, you can check Pinafore.
  • We do also host for the convenience a video Conference server ( Jitsi Meet )
  • We have a mastodon relay for other instances to bootstrap their timelines: https://relay.mastodon.host

Although we are a medium+ sized instance, we'd like to keep the feeling that you are at home and safe here.