• PhilipTheBucket@ponder.catOP
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    16 hours ago

    Pretty sure this isn’t true, it loads fine for me in elinks. Also, why aren’t you using javascript?

    • Waffle@infosec.pub
      link
      fedilink
      arrow-up
      3
      ·
      15 hours ago

      More secure to disable sites from running js. There may also be performance considerations if sites are running js client side

      • PhilipTheBucket@ponder.catOP
        link
        fedilink
        arrow-up
        1
        ·
        15 hours ago

        I don’t think this is true. Or… I guess it is true, but I think the security benefit from not running JS is overhyped. Most vulnerabilities in the browser don’t involve the JS interpreter, since its security gets a lot of attention and there are a lot of other components which are equally capable of compromising everything as well. You could use Tor to keep your identity private, use an ad blocker to remove tracking which doesn’t need to involve JS, keep up-to-date on security which is critical to do anyway, and then disable JS on top of that but at that point I think you would be getting around a 10% improvement in security or something, when the other factors are a lot more significant.

        Maybe I shouldn’t say it’s always a bad idea, but disabling it and then going around complaining about sites that don’t work sounds a lot like a self-created problem to me. A lot of sites don’t work without JS.