قالب وردپرس درنا توس
Home / Apple / Michael Tsai – Blog – The Potential Benefits of a JavaScript Whitelist

Michael Tsai – Blog – The Potential Benefits of a JavaScript Whitelist



Brent Simmons:

What I want is two related and similar things:

  • Ability to turn off JavaScript by default and turn it on only for selected sites. (For me who would be sites like GitHub.)
  • Ability to turn cookies off by default and turn them back on only for selected sites.

If it is the opposite – If I need blacklists instead of the whitelist – then I will always be blacklisted. And the first time I go to a website, code will be run before I decide to allow it.

Nick Heer:

When you think about it, it's pretty nuts that we allow automatic execution of any code a web developer wrote. We do not do anything else, really ̵

1; certainly not to the same extent as possibly hundreds of websites visited daily, each with a dozen or more scripts.

[…]

It confuses me as spurs, ad networks, cryptocurrency miners, and picture boxes are all written for the web in the same language and that there is little granularity in how they are treated. You can either turn off all scripts and lose key functionality on some websites, or you can turn everything on and accept the risk that your CPU will be monopolized in the background.

What if the pages were allowed a certain amount of JavaScript CPU time, beyond what they had to ask for more from the user?

I would also like to see a report on what JavaScript does, ie what information it reads and which servers it contacts. Part of the reason why things have become so unknown is that users can't see what's going on. I like how the iCab browser will always report if a page has valid HTML and how the macOS battery menu shows which apps use significant energy.

Kyle Howells :

My number one feature request for Safari, a white list for Javascript usage, default as disabled when the whitelist is enabled. Battery life doubled in one function!

Previous: Intelligent tracking prevention 2.2.

Battery Life iCab iOS JavaScript Mac Safari Web

Stay updated by subscribing to the RSS feed for this post.

]
Source link