[monsieurbanana]

It's hard to even wrap my mind about the consequences of those limitations though. The web as we know today would not exist, hell the world would be a different place without facebook and all the other social networks.

And something would replace them, and the same problems would happen because the fundamental problem is not caused by some technological decisions, but stems from human nature.

[ashrk]

HTML stagnated badly and this was exacerbated by the "we can just let Javascript and/or CSS handle it" effect. With a less-free Javascript it'd have been necessary to add things like sortable tables and better form elements to HTML itself. Frames might have been improved to fix the various known problems with them, rather than abandoned. Social networks could still exist just fine and, judging from how things like Basic HTML Gmail or Craigslist or HN compare to more "advanced" websites, would have performed a whole lot better.

That a cross-platform application distribution platform might have arisen anyway is beside the point. It'd have been nice to keep that separate from the locked-down hypertext platform that keeps the user in control. We've lost the latter in gaining the former, rather than having both.

[EDIT] I'm with you on humans being the problem over technology in general, but in this particular case I think there were technical reasons that Web 1.0 was destroyed in the creation of Web 2.0 and we were left with one crappy platform that constantly betrays and tricks its users rather than two, at least one of which isn't capable of betraying its users the way this one does. We're where we are because no-one treated Javascript (or anything else with its capabilities and liberties in the browser) as the fundamentally terrible idea and permanent trust-ruiner that it was. It's inherently and unavoidably a security disaster for the Web, not in terms of secure communication between client and server or whatever, but in terms of practical personal security for the users and their data.

[dpark]

> That a cross-platform application distribution platform might have arisen anyway is beside the point. It'd have been nice to keep that separate from the locked-down hypertext platform that keeps the user in control. We've lost the latter in gaining the former, rather than having both.

You assume that HTML would have survived in the same world as this hypothetical cross-platform app ecosystem. I think you are mistaken and you can ask Gopher fans how well it works out when your platform's capabilities are completely subsumed by a more powerful platform.

If the W3C and the major browser vendors had announced an intention to stagnate and never move beyond basic hypertext documents, either another set of people would have forked and moved on without them or a full replacement would have sprung up.

[ashrk]

HTML did stagnate, in part because JS was available. How many sites expose the built-in file upload element these days? It's clearly terrible, yet hasn't improved in many, many years. Tables should have (optional) built-in sorting, obviously, but it's not there because you can just use Javascript. And so on. All they've done for, what, going on 20 years now, is prettify the tag names a bit. HTML is de-facto dead anyway, or at least on life support, just a supporting technology for a spying platform that's only there because no-one can be bothered to replace it with something better suited to that purpose. Meanwhile there's no safe-by-default way to browse hypertext. That's dead. Mixing it with app distribution already killed it. There's nothing there to lose.

[dpark]

HTML is the most popular language in the world. The core of HTML may have "stagnated" because of JS, but the alternative would probably have been extinction and replacement with something that didn't decline to include programmability.

I also don't think HTML has actually stagnated, though. HTML+CSS+JS is a solution, and it's changed a lot over the years. The HTML piece has experienced the smallest set of core changes, but that's because it already does what it needs to. Adding a modern file upload element might be nice, but it's not necessary. (Also the behavior of upload on the client side is really a browser choice. Browsers could make this a lot prettier without changing HTML at all.)

[ashrk]

> HTML is the most popular language in the world.

Like x86 assembly is, sure. Though way less well-suited to its modern purpose than that is. It's alive by accident and momentum, purely.

If it did what we needed it to do we wouldn't have burned who knows how many (tens of?) thousands of person-hours creating half-complete solutions to its various plain-as-day shortcomings. Input wrappers, table sorters, sequential image viewers, and so on. We did finally get video but it's still usually wrapped in custom UI driven by JS. It's not complete and featureful enough to exist as a good rich document format without JS (due to its long stagnation) but is also really far from being a good choice for laying out and describing applications (because it was never meant to be).

Agree that browser vendors are the ones who'd have to fix all this. The time for that passed a long time ago, of course. I just think it'd be nice to have a hypertext document network that doesn't have on-client spying as a first-class, built-in feature that you have to go way out of your way to even partially avoid. Creating Javascript and giving it such wide access was what killed any hope of that. I consider that the original sin of the modern web, that the platform itself is fundamentally and irreparably insecure (from the end user's perspective).

[OtterCoder]

Exactly this. Network connections won't fire without a visible link? Fine. Save up user data for when they navigate around the site and send it as a batched query.

Heck, even if browsers always showed you the data they were about to send, split out by field, just base64 encode what you don't want them to know you know and give it an innocuous field name like, "session_id". Even better, piggyback off of legitimate fields with zero-width-character encoded data. Where there is any signal at all, there is a way to hide extra information.

[ashrk]

Yeah, you'd have to prevent JS from catching a broad set of user events at all, and disallow modification of most of the DOM by it. Again, basically restrict it to tightly-context-constrained functions to do stuff like custom sorting. There'd still be security issues with it from time to time, but they'd be bugs rather than baked-in insecurity that's part of its feature set.

[cityzen]

Not sure I get your point about Facebook. I quite liked the internet before Facebook (been working on web since 95). What exactly did Facebook contribute that was positive that helped the world as a whole?

[blarn]

Facebook imo has contributed more positive than negative. It's easy to quickly judge FB as an evil company because of the media recently, but, just for starters, here are a few things FB has done well:

  - Connected people from all around the world
  - Empowered small businesses
  - Is very pro-charity (e.g. "birthday" charity donations)
  - Allowed people to organize themselves online (groups)

[monsieurbanana]

Sorry about the late reply. I did not intend to imply that Facebook was an overall positive for the world, or a negative one for that matter, it's just not something I've thought about too deeply.

I just think the world would be very different without Facebook and the other social networks.

[lostlogin]

“If I didn’t do it, someone else would”, “I was just following orders”.

[dpark]

This is unfair and unreasonable. You pivoted a discussion about JS capabilities into a Nuremberg defense metaphor. We're talking about JS-triggered network activity, not murdering civilians. And inevitability, not a lack of responsibility.

Moreover, he's right. JS would have to be fundamentally crippled (no network activity at all) to enforce this. And if you did that, someone would have built equivalent functionality because people wanted it. In fact someone did build an equivalent, actually multiple: ActiveX, Flash, Java Applets.

[hndamien]

We can design to constrain the worst parts of human nature and thereby make us better humans.

[hndamien]

For example, excise taxes on cigarettes?