Perhaps because is usually deployed by web designers, not software engineers or sysadmins. Designers who are given with minimal to no maintenance budget, if they're even retained by the client after they deliver a website design. In practice, JS is a hot mess of known bugs and security holes, running on your browser without you knowledge or consent (unless you use etc).

!

@mangeurdenuage Executing code in a web browser *without explicit permission from the user* is a mistake. As we've seen with mobile, normalizing downloading native apps for everything is also a mistake. In practice, it helps the biggest platforms starve the web of users by keeping them away from the web browser.

@alcinnz

@strypey @mangeurdenuage@loadaverage.org The (weak) line I like encouraging people to draw is that The Web is for publishing information, native apps are for supporting interactions.

Sigh, it was recently suggested to me to install an app for recipes. I didn't say that I dissaprove of distributing this information as an app.

>Executing code in a web browser *without explicit permission from the user* is a mistake.
I agree that code execution isn't what is unethical but what you described is. But in terms of design web browsers should have stayed to render text and images, and not what could be almost compared to an OS today.

@mangeurdenuage I understand that perspective, but I disagree. As I pointed out, users will only ever use a handful of native apps. Deploying apps on the web allows devs to try new things without having to convince users to install a new app just to try it out. Would the fediverse be as big as it is if users had to install a native app just to try it?

>Deploying apps on the web allows devs to try new things without having to convince users to install a new app just to try it out.
Same problem from my perspective.
>intall app
get security holes and malwares
>use JS in website
get security holes and malwares

>Would the fediverse be as big as it is if users had to install a native app just to try it?
The fedi became popular because malicious people invested resources in other ill intended people, thanks to them there's projects like eunonia are directly funding gargron.
The average computer user is not fit to do anything on a computer besides using text software.

@strypey @mangeurdenuage@loadaverage.org @alcinnz I mostly agree but... the Web can't provide an offline experience but apps can.

@alvarezp web apps can too. allows me to browse the fediverse while offline about as effectively as a native app would. Not that I'm arguing for replacing all native apps with web apps that support offline use ;)
@alcinnz

@strypey @alvarezp I'd add that I don't believe needs to be written in HTML/CSS. e.g. you could distribute an EPUB (tar'd HTML) over The Web instead.

I seem to disagree with Mozilla here.

@seven in the sense that you can avoid it by not using the web, or by turning it off and having the vast majority of the web not work. Click the hashtag for all the examples I've collected. For it to be truly optional, web devs need to use it only for things that plain HTML/CSS can't do, and browsers need to make tools like NoScript standard, so users can opt-in to JS when it serves them.

@strypey I mean I get it, but, it's client side scripting. What browsers allow in that context is actually, the browsers fault... They could easily allow rustscript (please god don't do that, and if you do you owe me a nickle per line of code) or anything else... #BlameBrowsersNotCode

@seven
" really could run and Engine 3 in 2013"

Woah. That is kind of cool.

@dokuja

I mean yeah, JS syntax and function is shit, but...

It is up to the interpreter to execute it (fing node not withstanding here, though still just a glorified translator for a language no one serious cares about, tell me I'm wrong I dare you, which is an ABOMINATION, yes I said it, it's literally what jesus died to prevent. O_o)

You still should blame the thing letting it run, even though we all know, it shouldn't run...

@strypey

@seven
> JS syntax and function is shit, but...

I can't code JS so I'm not really in a position to judge those things. My issue is with client-side scripting in general, being a) run without permission by default, with no tools for selective op-in (browser makers' fault), and b) lazy over-use, eg pages that won't even load text and images without JS turned,on (web designers' fault). Like @dokuja says, it takes two to tango.

@seven not sure what point you're making here. Care to elaborate?

Sign in to participate in the conversation
Mastodon - NZOSS

This Mastodon instance is provided gratis by the NZ Open Source Society for the benefit of everyone interested in their own freedom and sharing with others. Hosting is generously provided by Catalyst Cloud right here in Aotearoa New Zealand.