Do you disable Javascript on certain pages?

[ninaholic37]

I used to always keep it on, but noticed an annoying tracking script here that phones "Lexity" every 2 to 3 seconds, so I went into about:config and disabled javascript, then realized how much I like most of the web better with js off. I then installed a button on my toolbar called JS Switcher as a "kill switch" to easily turn javascript on an off (NoScript always seemed overly convoluted to me), and now I normally keep js off unless there's a site that truly needs it for what I want.

Internet seems a lot cleaner now. As a bonus, it seems to disable most ads too. I started using m.facebook.com instead of www because it doesn't need js either.

 

[lxskllr]

I use NoScript, but most scripts are blocked most of the time. To fix functionality, I'm not willing to allow all scripts to get the ones I want. I voted yes, but that probably isn't what you meant.

 

[cubby1223]

I gotta say, I did some troubleshooting for a client last year who was experiencing periodic problems with a bug in yahoo's new webmail interface changes, something that random people were also experiencing without any solution.

Anyways, I found for them the Chrome extension that sets the browser identification for specific websites only, and set it to IE6 for webmail, causing Yahoo's site to send the previous version back to the client rather than this newest "feature"-enhanced version.

Yea, when I had Chrome set to identify itself as IE6 globally, the whole internet became much more friendly to browse, ads were gone, useless scripts were gone, animated sliding pop-up windows were all gone. The web was good.

 

[TheRyuu]

Yea, when I had Chrome set to identify itself as IE6 globally, the whole internet became much more friendly to browse, ads were gone, useless scripts were gone, animated sliding pop-up windows were all gone. The web was good.

This sounds like a (really) bad idea, we have proper ways to do that with extensions.

IMO the best tradeoff is allowing first party scripts and blocking third party scripts by default. Prevents the breaking from being too annoying and intrusive. You can do both with uBlock (or uMatrix), I believe NoScript can provide more granularity though (on Firefox).

 

[ninaholic37]

IMO the best tradeoff is allowing first party scripts and blocking third party scripts by default. Prevents the breaking from being too annoying and intrusive. You can do both with uBlock (or uMatrix), I believe NoScript can provide more granularity though (on Firefox).

Blocking third party scripts does sound like a good default (unless the site uses two different sites to function maybe?). I'm trying a new distro and didn't redownload µBlock yet until now, from curiosity of your post, and it looks like it actually does block that script I mentioned too. Nice to know there's a lot of options.

Yea, when I had Chrome set to identify itself as IE6 globally, the whole internet became much more friendly to browse, ads were gone, useless scripts were gone, animated sliding pop-up windows were all gone. The web was good.

Haha yes. I did the same thing a few months ago but using "Firefox 3.6" as the identity. I thought that would make my machine a target for "older exploits in the wild" but since they've been patched I guess they wouldn't get through anyway. As you said, the web did look a lot simpler and cleaner to accommodate my pseudo old browser. Maybe identifying as IE6 would work better though, as a few sites complained that my Firefox was out of date. ^_^

 

[Dude111]

I used to always keep it on, but noticed an annoying tracking script here that phones "Lexity" every 2 to 3 seconds, so I went into about:config and disabled javascript, then realized how much I like most of the web better with js off.

I use IE6 and i 99% of the time have scripts disabled YES....

Its safer and stuff loads MUCH FASTER w/o the scripts!!

 

[Spacehead]

NoScript user here with a very small whitelist.

 

[Dude111]

Isnt noscript a pain though???? (You gotta approve everything) -- I can do that also if I set it to PROMPT instead of disabled but its easier to flat out have it all disabled.. (UNLESS I NEED SCRIPTS of course (Which a couple sites I goto wont work w/o them))

 

[cubby1223]

Haha yes. I did the same thing a few months ago but using "Firefox 3.6" as the identity. I thought that would make my machine a target for "older exploits in the wild" but since they've been patched I guess they wouldn't get through anyway. As you said, the web did look a lot simpler and cleaner to accommodate my pseudo old browser. Maybe identifying as IE6 would work better though, as a few sites complained that my Firefox was out of date. ^_^

Changing what the browser identifies itself as doesn't change how the browser reads and interprets the html/css/javascript/etc, there is no increased security vulnerability.

What changes on occasion is some of the major web sites often keep their old plain-jane layouts on their servers, and serve out this alternate version when the client identifies itself as a legacy browser.

 

[balloonshark]

Isnt noscript a pain though???? (You gotta approve everything) -- I can do that also if I set it to PROMPT instead of disabled but its easier to flat out have it all disabled.. (UNLESS I NEED SCRIPTS of course (Which a couple sites I goto wont work w/o them))

It's a little annoying but so is malware. Blocking scripts, java, flash, etc. is your first line of defense against malware. If a script is malicous and is allowed to run and it finds a known or unknown vulnerability you could be in trouble.

You can "train" noscript for the sites you use so it allows the scripts you need when you go back to the site. You either trust a site you use daily that needs certain scripts to function or you don't trust it. This page needs anandtech.com and yahooapis to function poperly so I allow those and it's saved so it's not annoying when I come back.

Sometimes it's a pain though when you land on a page with 20 scripts and you have to play a guessing game of finding which script/s allow the site to function. If I don't know the site or trust it I can "temporarily allow" a certain script to run.

I also think my HOSTS file blocks a ton of sites that the scripts use.

 

[TheRyuu]

Isnt noscript a pain though???? (You gotta approve everything) -- I can do that also if I set it to PROMPT instead of disabled but its easier to flat out have it all disabled.. (UNLESS I NEED SCRIPTS of course (Which a couple sites I goto wont work w/o them))

A less intrusive alternative to NoScript is the dynamic filtering[1] offered by uBlock[2]. Yes you lose some granularity but it should be easier to use (e.g. by blocking third party scripts and iframes only doesn't break as much stuff by default). If you do try dynamic filtering remember to use "noop" rules to unbreak stuff at first so that the filter lists still get applied, the guide covers it pretty well.

Basically for the easiest possible way of doing this you'd globally block 3rd-party scripts and iframes and then use the noop rule on a site to site basis for these same two catagories (3rd-party scripts/iframes). This is about as loose as you can get in terms of the granularity (you're doing nothing on a hostname basis) but is also very easy to do since if something is broken all you have to do is noop scripts most of the time for that sites scope.

[1] https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-quick-guide
[2] https://github.com/gorhill/uBlock/releases

 

[stockwiz]

I use either ublock or adblock plus with the element hiding helper extension to get the javascript overlays on a page by page basis and slowly build up a list.

Right now it's not ads that are the enemy, it's popup overlays that most commonly ask for your email and block the content you try to see that are the enemy that has not been dealt with really by the ad blockers and has to be done manually.

Loading javascript and dealing with the overlays is still less irritating than blocking all javascript like noscript does.