Sarah Withee+ Your Authors @geekygirlsarah Software engineer & hardware tinkerer. Intl public speaker. Artificial pancreas owner. Board of dir @prototypepgh. Only uses 100% organic sarcasm/puns. she/her May. 13, 2020 2 min read + Your Authors

I've been using NoScript, a browser extension that disables all JavaScript and lets you enable them on a server-by-server basis. Let me tell you about what I've learned and how broken the internet experience has been since doing this a few weeks ago.


First, right off the bat sites seem to fall into 3 categories:

- Blank white screens (45%)
- Sites with some things but most content doesn't load (50%)
- Sites that still mostly work (extremely rare, maybe 4%)
- Sites that fully work (less than 1%)


Second, I almost always tell a site their own JS is "trusted". That usually allows a page to mostly work, content to fill in,etc.

Next things to break are:
- Login forms
- Contact forms
- Basic button/link interactions

These should work from basic HTML but don't anymore


Third, the vast majority of sites anymore have 5 or more outside (third-party) servers that have JavaScript loading things on them. These seem to be:

- Ad networks
- Analytics
- Debuggers
- Trackers
- Legit services site needs


Fourth, obviously Google dominates the web. It's easy to block google-analytics .com & such. What's harder is things like ReCaptcha, since it loads off of google .com, among other services people use often. The newer versions of that track your movements/clicks all over.


And now we're at a point where it's harder to even just log in to a service without having to also fill out a Google ReCaptcha form. Two issues with this:
- You have to agree to Google's Privacy Policy (despite you not using their service)
- You can't opt out


Fifth, with logging in, they often break. Your data isn't submitted with forms anymore, you have a dead form submitted with JS. The good ones work if you reenable the site's JS. The bad ones work only if you reenable all JS because they pass your login around so much.


Sixth, there's fun things where text boxes don't store their own text anymore. Like I can type in things but the Submit button doesn't turn on because it hasn't realized text was in. JS logs keystrokes to store in variables then fills text box. No JS, no logging...what?!?


Seventh, other fun misadventures happen. For example, I'm locked out of a Microsoft account. Why? Because by the time I figured out all the JS entries to enable from going from>>>>etc., I look like a hacker.


I'm sure there's other things I'm forgetting.

I'm not anti-JavaScript, I'm anti-everything-through-JS. Why? It breaks basic functionality of the web. I can't disable trackers. I can't protect my privacy. And most of all, even things like typing and buttons just quit.


Can we please stop doing ridiculous nonsense with websites that don't need it? You don't need JS to make a button press or JS to make a link work or JS to type text or JS to load all content on a page or... just no.

Developers, stop breaking the web, please.


To end this... I may have to remove this extension in the end and just block more through ublock because the internet is becoming literally more and more unusable and privacy-invading and I hate it.

You can follow @geekygirlsarah.


Tip: mention @threader_app on a Twitter thread with the keyword “compile” to get a link to it.

Enjoy Threader? Sign up.

Since you’re here...

... we’re asking visitors like you to make a contribution to support this independent project. In these uncertain times, access to information is vital. Threader gets 1,000,000+ visits a month and our iOS Twitter client was featured as an App of the Day by Apple. Your financial support will help two developers to keep working on this app. Everyone’s contribution, big or small, is so valuable. Support Threader by becoming premium or by donating on PayPal. Thank you.

Follow Threader