negative zero

Why This Site Doesn't Use JavaScript

2019 April 7

[javascript] [opinion] [tech] [web]


This site currently uses a grand total of 0 lines of JavaScript code. This may make it feel old (although partly this is a personal aesthetic choice), but there are some good reasons I decided not to write my site with JavaScript.

In the interest of possible future changes to the site, I want to say now: I'm not guaranteeing that I will never use any JavaScript on my site. However, my intention is to never use any JavaScript beyond that required to make the site function (with the possible exception of a script that prevents a page from loading until it is disabled, as a teaching exercise - I've toyed with this idea). Disabling JavaScript should never hinder any portion of the site that is possible to build without programming code. Furthermore, any JavaScript used on my site must be free.

What is JavaScript?

Per Wikipedia,

JavaScript often abbreviated as JS, is a high-level, interpreted programming language that conforms to the ECMAScript specification. It is a programming language that is characterized as dynamic, weakly typed, prototype-based and multi-paradigm.

But let's take a less technical approach to this question. JavaScript is a programming language often used in the World Wide Web. Basically, web pages are built primarily in 3 languages: HTML, CSS, and JavaScript.

HTML and CSS

HTML (HyperText Markup Language) is the main language, in the sense that webpages are .html files written in HTML, but they may also contain or reference CSS and JavaScript. For an example of HTML, you can press ctrl + U (or an equivalent command to "View Source") on this or any other page and see the HTML code that makes up the page.

CSS (Cascading Style Sheets) is a style sheet language, which essentially just specifies style for other documents, such as HTML. For an example of CSS, you can take a look at the theme used on this site.

So key things to notice here are:


JavaScript

By contrast, JavaScript is a programming language. It does things, and it can do a whole lot, with or without your knowledge and consent. While the source for JavaScript by nature must be readable, the source can be obfuscated by tools that make it difficult to read and understand.

I like the not-very-technical summary: HTML and CSS specify how a website should look, and JavaScript specifies what it should do.


Why is JavaScript Dangerous?

Basically, JavaScript on the Web has the potential to be dangerous because it's powerful, it's widespread, and the default behavior of browsers is to allow all JavaScript to run. For some reason, we've all just decided that it's a good idea to indiscriminately run Turing-complete code anytime we see it on the Web, regardless of what it does. Much of this code is proprietary. Much of it is actively malicious and used to track us or otherwise harm our computers.

And almost every site uses it. Excessively. Many sites won't even load basic text content (which certainly doesn't require programming code to display) until you decide to allow them to run their code on your computer.


Informed Consent

I believe in free software, and of course I think we should all run only free software (as if that's not an overly optimistic goal...) But regardless, we should at least have the choice about which proprietary programs to run on our computers. The current paradigm of the Web does not default to informed consent. Browsers assume by default that the user would like to run all JavaScript programs they come across.

This is the model of assumed and uninformed consent we see so often in the tech world - the "opt-out" model. It's possible to refuse to run JavaScript programs a site asks you to run, but this is not the default, so doing so requires users to first become aware that this is an issue, and subsequently learn how to protect themselves and then enact those measures. Actually enacting those measures is a lot of work because blocking JavaScript breaks a lot of the Web, so in order to function online, you need to either run a lot of proprietary software or severely limit which sites you visit.


Why My Site Doesn't Use JavaScript

Unfortunately, I don't have the power myself to stop the Web's unreasonable reliance upon JavaScript; however, I can do my small part by not requiring it for my site and by writing about it. My site doesn't use any JavaScript at the time of writing because:

  1. It doesn't need JavaScript.
  2. In fact, the lack of JavaScript means it loads faster.
  3. I want to respect visitors' freedom and safety by not subjecting them to proprietary or potentially dangerous software. (Note, as stated above, if I do need to incorporate JavaScript into the site at a point in the future, it will be free JavaScript.)
  4. I want to allow users to protect themselves by blocking JavaScript, without breaking the functionality of the site.
  5. My experience with JavaScript is pretty limited, and I'm writing this site by hand, so it's easier to just write the site in HTML/CSS.

If you run a site, please make sure that the site can function without JavaScript, unless that JavaScript is absolutely integral to the site's functioning. If you do require JavaScript, please release it under a free license so users don't have to run proprietary code to visit your site.


Final Notes (The "Why Didn't You Mention This Thing?" Section)

At some point in the future, I'll write a post about ways to protect yourself against JavaScript. I had a specific purpose here, which was to address the inclusion of JavaScript in websites in the first place, rather than blocking the scripts when you access those sites.

Talking about the state of packaging web apps with Electron is outside the scope of this article.