DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’»

Cover image for People disable javascript in their browser? 😱 Give 'em something to cry about!
IroncladDev
IroncladDev

Posted on

People disable javascript in their browser? 😱 Give 'em something to cry about!

Did you know that two percent of people that use the internet disable javascript in their browser? That's a surprising amount.

Guess what? If you're a web developer using react, jquery, or some other js lib, it's gonna go haywire on them. Pitiful, eh? It won't even run! If you are using react on the client side for a simple application, it won't even run.

In this article, I'm going to show you some pretty (dark) techniques to make them turn javascript on forever.

1. The tag

This tag will display an html document on top of the existing one if javascript is disabled. All you have to do is put it in your html somewhere. You can not only store text, but also meta tags, headers, html bodies, and more!

<noscript>
  <h1>Only Monkeys don't use javascript in their browser!</h1>
</noscript>
Enter fullscreen mode Exit fullscreen mode

Something I've found useful on stackoverflow is redirecting them to a different page in your site.

<noscript>
  <meta http-equiv="refresh" content="0;URL=/monkeysdontusejs">
</noscript>
Enter fullscreen mode Exit fullscreen mode

Pro Tip: Store a massive gif that takes up almost the whole screen size in the noscript tag or a rickroll video.

2. The IP logger prank

You can still log user IP addresses even when a client lives with javascript disabled.

I used Next.js for this since it does server-side rendering and can collect some sweet props from the backend and pass it to the frontend for you.

What I did was use the request-ip npm package and pass that as a prop from the backend with getServerSideProps.

import requestIp from 'request-ip'

...

export async function getServerSideProps(ctx){
  return {
    props: {
      addr: requestIp.getClientIp(ctx.req)
    }
  }
}
Enter fullscreen mode Exit fullscreen mode

Here's the example: https://next-gen-noscript-killer.ironcladdev.repl.co/
And the code: https://replit.com/@IroncladDev/next-gen-noscript-killer

And I promise I'm not logging and stealing IPs. I don't even know what to do with one if I have it.

Well, what can you do with this? Maybe state something about still being able to log ips which makes no difference or that disabling javascript is a security vulnerability. Go wild!

3. Render your whole website with javascript

That'll make them feel left out. Even if a client has javascript disabled, they'll turn it on for a few sites that require it.

This isn't recommended for production websites, but yeah it works well.

If you don't want to do that, maybe render your css with javascript or make it so that they can't interact with any apis/backend functions. Get dirty!

4. Whoops.

Looks like @inhuofficial is gonna come after me for writing about making accessibility worse.

This article was for fun, and should be used for fun and not in production-level websites.

Adding some of these to your personal website or making a prank site would be reasonable.

Welp, have fun, don't get too dirty, and please share your ideas with me on how to take this a step further!

Also, happy new year!


Liked this post? Be sure to subscribe to my newsletter for new posts, new projects, recaps, and more!

Join my discord to get in touch and hang out!

Top comments (24)

Collapse
 
donaldsebleung profile image
Donald Sebastian Leung

There's a good reason some people refuse to run JavaScript in their browser (though I am not one of them), as outlined by the Free Software Foundation: gnu.org/philosophy/javascript-trap...

Please don't be that person who makes their lives miserable (even if it's just 2% of the Internet population) just because they choose not to trust arbitrary JavaScript code from a (possibly untrusted) website :-(

Collapse
 
jankapunkt profile image
Jan KΓΌster

Their (gnu) perspective is highly debatable as it focuses on freedom of code. So if I release my full blown js app under agpl license (which we actually do!) and if I do it for a better good for the public (which we also do!) then their argument is invalid.

Collapse
 
cicirello profile image
Vincent A. Cicirello

Read the entire gnu article. They cover this. What you are doing (releasing your app under agpl) is an example of what they argue should be done. They provide a link near end of article covering how to state license details, etc.

Thread Thread
 
jankapunkt profile image
Jan KΓΌster

This discussion is about disabling JavaScript and my argument is that if I publish my app via agpl and disclose the source and do some good then there is no reason to disable JavaScript so the argument is not good for why people should disable JavaScript. Our app fulfills all their requirements yet it's a pure JS app.

Collapse
 
grahamthedev profile image
GrahamTheDev

Your New Years resolution should be to not β€œpoke the bear” calling me out on articles you know are going to anger me 😜🀣

Seriously though funny article with some actual useful tips sprinkled in there (the meta refresh in a no script is one I love ❀️) and it is obviously my silly sense of humour πŸ˜„

Much deserved β€οΈπŸ¦„ from me!

Collapse
 
ironcladdev profile image
IroncladDev

lol I'm glad I didn't get a whooping from the accessibility master!

Collapse
 
grahamthedev profile image
GrahamTheDev

Hehe I don’t know if this reputation I have is a good or a bad thing but either way it makes me smile πŸ˜ƒ 🀣.

Collapse
 
nikitakhutorni profile image
Nikita Khutorni

This is hilarious :'D

Collapse
 
darkwiiplayer profile image
π’Š©Wii πŸ’–πŸ’›πŸ’šπŸ’™πŸ’œπŸ’πŸ’Ÿ • Edited on

In this article, I'm going to show you some pretty (dark) techniques to make them turn javascript on forever.

More like leave that shitty site and never look back

Well, what can you do with this? Maybe state something about still being able to log ips which makes no difference or that disabling javascript is a security vulnerability. Go wild!

It makes a huge difference. And it's enabling javascript that is the security vulnerability ;)

Even if a client has javascript disabled, they'll turn it on for a few sites that require it.

Or just leave


But yea, it's sad how many websites need javascript to sow static content. In my opinion, this is primarily a sign that many "web"-developers these days don't understand the technologies they're working with and don't know any better than to write their entire website in JS.

Collapse
 
oniichan profile image
yoquiale

Disagree, js is also used to create cool interactions and effects.

Collapse
 
darkwiiplayer profile image
π’Š©Wii πŸ’–πŸ’›πŸ’šπŸ’™πŸ’œπŸ’πŸ’Ÿ

Yes, there are indeed very valid use-cases for JS on static websites.

These use-cases, however, should not be used as an excuse to make a whole website of static content unavailable to a user who wants to opt out of providing websites with access to their processing power because they don't want to audit any website they use for potential crypto-miners.

Thread Thread
 
oniichan profile image
yoquiale

Who would stop using JavaScript on their static websites because of some conspiration paranoid?

Thread Thread
 
darkwiiplayer profile image
π’Š©Wii πŸ’–πŸ’›πŸ’šπŸ’™πŸ’œπŸ’πŸ’Ÿ

People who aren't massive dicks

Collapse
 
sargalias profile image
Spyros Argalias

Lol, I love it. I'm gonna start using these tips in production.

If we don't have JavaScript, we don't have nothing!

Collapse
 
ironcladdev profile image
IroncladDev

Very true. Without javascript, I'm not a web dev.

Collapse
 
19wintersp profile image
Patrick Winters

Yeah no don't do this

Collapse
 
peerreynders profile image
peerreynders

please share your ideas with me on how to take this a step further!

In November 2020 heydonworks.com went the opposite direction β€” to view the web site you had to disable JavaScript:

But JavaScript isn't the point
… it, is that forcing a visitor down a specific path just so that they can access the content is a burden that they should not carry.

In truth most visitors wouldn't know how to disable JavaScript even if they wanted to. Which leads us back to:

and not in production-level websites.

Sure but some other resources might be nice:


Unrelated but perhaps thought provoking β€” (Mobile) Apps Must Die (2011):

(Native) apps are a remnant of the Jurassic period of computer history, a local maximum that is holding us back.

Collapse
 
jankapunkt profile image
Jan KΓΌster

How is this an accessibility issue? I would even say that disabling js can cause accessibility issues. For example: we use js to generate browser speech synthesis for functional illiterates to be able to read any text.

"bUt ScReEnReAdErS" - yeah no one has them installed because many functional illiterates can't but they know how to open a browser or scan a qr code. With js disabled they would actually have a real disadvantage here.

Collapse
 
jzombie profile image
jzombie

As recently as 2007 (15 years ago), I was blocking JavaScript on nearly every site I visited because I didn't trust it, didn't understand it.

By 2008 it became my favorite language.

Collapse
 
artidata profile image
Imaduddin Haetami

How did you know the number? You made it up? I think it should be way lower than that.

Collapse
 
ironcladdev profile image
IroncladDev

What number?

Collapse
 
artidata profile image
Imaduddin Haetami

The two percent

Collapse
 
vreezyde profile image
Lars Eschweiler

In Germany you have to serve a no javascript Site with an Impressum and contact data. It's a law. But no one does it or control it. I think other contries have similar laws.

Collapse
 
snelson1 profile image
Sophia Nelson

Thanks for writing this!

Stop sifting through your feed.

Find the content you want to see.

Change your feed algorithm by adjusting your experience level and give weights to the tags you follow.