[scrupulusalbion]

>it seems pretty reasonable to assume all third-party elements on the web are hostile.

The trouble is that a lot of good and bad JS/CSS/content is gotten from third-party sites. Some websites are simply useless unless your browser loads third-party JS (e.g. Bootstrap). The ability to load third-party code/content is built into HTML and web developers naturally take advantage of that capability.

[acqq]

> Some websites are simply useless unless your browser loads third-party JS

These sites are definitely making the problem much bigger, typically not even caring.

The developer a site actually gives instead of a user an access to the user's data to any other entity from which the developer "just references the scripts or fonts or whatever" to shorten his development time.

A huge problem. The article that we comment to shows very specific examples.

[paulie_a]

Then it is time to stop using those websites.

[IncRnd]

Every time this subject has come up on this site, and someone has mentioned to use the extension NoScript, they've been down voted to oblivion.

[pferde]

Maybe because uMatrix is much better at the job than NoScript? :)

But yeah, there seems to be a lot of animosity towards the idea of blocking javascript here. Maybe because there is a lot of webdevelopers visiting this site, and they instinctively react when someone is trying to take their toys away.

[IncRnd]

Yep, I wrote NoScript, but I actually meant script blocking. :)

For some time now, I've used ublock origin, which I find better overall than umatrix.

[robin_reala]

#notallwebdevelopers. Progressive enhancement is a reliability mechanism, not a throwback.