[Python-talk] [js] Javascript Uber Alles? Is script without the sandbox a good idea?
Cole Tuininga
colet at code-energy.com
Mon Jul 2 17:45:32 EDT 2007
Gah - original replied to Ted because of header settings.
On Mon, 2007-07-02 at 10:09 -0400, Ted Roche wrote:
> Never too early in the week to throw in an incendiary message thread...
>
> I have a lot of concern on the spread of JavaScript everywhere. Like
> Lloyd, I usually run with NoScript enabled because I don't need to be
> annoyed with dancing jumping animations. It is remarkable how many web
> sites will not work right and will fail silently if you do not have
> Javascript enabled.
This is a tough call for which I don't think there is a "right" answer.
Though, just for the record, animations are usually either via flash,
java applets, or animated gifs. That's not to say it can't be done with
javascript, just that I believe these other technologies are the more
likely culprits.
When I do work with a web UI that includes javascript, some the general
rules I *try* to follow include:
* Javascript should be used to enhance the interface, rather than
"because I could"
* Javascript should never be mandatory - the UI should work without it,
and ideally it shouldn't be painful to work without it.
* If I'm going to use javascript, it needs to work for "most modern
browsers" (for whatever value of "most modern browsers" you choose)
As far as the security issues - that depends on which js implementation
you use. There are certainly some organizations I trust to have a more
secure implementation than others.... ;)
--
Cole Tuininga <colet at code-energy.com>
http://www.code-energy.com/
More information about the Python-talk
mailing list