by kazinator 4228 days ago
People who use tools like NoScript are helping promote better security around the entire web. When my browser executes malicious code, it attacks someone else. So it's not just for my benefit.

As a web developer you can help by:

- not pulling JS from a dozen different sites. Host whatever you want me to run in your own domain, as much as possible.

- detect that JS is disabled and put up some warning, like "site requires JavaScript".

- Say which JavaScript (from which domains) are used for what: which are must-haves for even basic functionality, and what doesn't work if the others are not enabled. For instance, I've never seen anything break (from my end) if I blocked JS from Google Ad Services or Google Analytics.

1 comment

I have seen lots of sites (including some major shopping sites) break with GA blocked; a common coding pattern in these cases seems to be an onclick handler that is something like "shadyTrackingFunction() && submit; return false;".
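
The handler pattern described in the comment above, as an added example that is not part of the thread: a click handler that chains the form action behind a tracking call, next to one that treats tracking as best effort. The `makePage` object, its `track` and `submit` members, and the three blocker modes are constructed stand-ins for a page's global scope, not any real analytics API.

```javascript
// Constructed model of a page. mode is one of:
//   "loaded"  - analytics script ran and defined the tracker
//   "blocked" - script never loaded, so the tracker is undefined
//   "stubbed" - a blocker swapped in a no-op that returns undefined
function makePage(mode) {
  const page = { submitted: 0, error: null };
  page.submit = () => { page.submitted += 1; return true; };
  if (mode === "loaded") page.track = () => true;   // hypothetical tracker
  if (mode === "stubbed") page.track = () => undefined;
  return page;
}

// Fragile: same shape as "shadyTrackingFunction() && submit; return false;".
// submit only runs if the tracker exists AND returns something truthy.
function fragileClick(page) {
  page.track() && page.submit();
  return false;
}

// Robust: the tracker is optional and its result is ignored, so the
// user's action goes through whether or not third-party JS was allowed.
function robustClick(page) {
  try {
    if (typeof page.track === "function") page.track();
  } catch (err) {
    // A failing tracker must never stop the form.
  }
  page.submit();
  return false;
}

// Invoke a handler the way a browser invokes a listener: an uncaught
// exception is recorded and the page keeps whatever state it reached.
function click(handler, mode) {
  const page = makePage(mode);
  try { handler(page); } catch (err) { page.error = err.name; }
  return page;
}

for (const mode of ["loaded", "blocked", "stubbed"]) {
  const f = click(fragileClick, mode), r = click(robustClick, mode);
  console.log(mode, "fragile:", f.submitted, f.error, "robust:", r.submitted);
}
```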