Yes, but it would break many pages and it wouldn’t protect you from many attacks.
It’s like wearing a gas mask: you can still be hit by a car or bitten by a dog, it ruins your walk in the park, but it makes you immune to some toxins.
this post was submitted on 30 Aug 2025
28 points (96.7% liked)
Ask Lemmy
34319 readers
1044 users here now
A Fediverse community for open-ended, thought provoking questions
Rules: (interactive)
1) Be nice and; have fun
Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them
2) All posts must end with a '?'
This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?
3) No spam
Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.
4) NSFW is okay, within reason
Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com.
NSFW comments should be restricted to posts tagged [NSFW].
5) This is not a support community.
It is not a place for 'how do I?', type questions.
If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.
6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online
Reminder: The terms of service apply here too.
Partnered Communities:
Logo design credit goes to: tubbadu
founded 2 years ago
MODERATORS
Yes, as it basically is just foreign, untrustworthy Code executed on your own PC.
But total blocking will make most of the web unusable.
I use a selective Script blocker extension (Noscript), that lets you instead choose which domains are allowed to use Javascript.
Works great after the initial try-and-error setup phase.
Yes because scripts can execute on page load just by visiting the site. I block by default and only allow as needed on sites.
Noscript ftw. It might break lots of sites on first load but you get to see what other domains get snuck in.
Yes, a lot safer. Even bugs in the renderer or media player would typically be triggered by JavaScript by say, moving elements around really fast or whatever.
Without JavaScript, the browser renders that page and that's it, there's no JS to modify it or open popups, nothing to dynamically load/refresh content. The most you can do without JS is animations and responding to simple events like changing the color of a button when the mouse is over it. So your only shot to attack this is the renderer during initial page load, once.
Yes. Most malicious code will be rendered by your browser using JS.
To simplify this I run two browsers, one for logins and the other for general usage without JS enabled.
No JS also makes surfing more private as your browser discloses far less information about your computer. Check out any of the browser fingerprinting sites with and without JS running. The details about your computer are far greater with JS enabled.
Bonus, seldom does a paywall stop me from reading an article. You know those popup that tell you how many free articles you have left this month? Most sites use JS to keep track of that.