I regularly run my FireFox browser with JavaScript disabled, using the great NoScript plugin. Keeping JavaScript disabled by default protects me, a little, from malicious sites. “Malicious sites” used to be a codeword for “sites you shouldn’t visit anyway,” but all sites need to be considered malicious, owned by bad guys, until you have a good reason to believe otherwise. Ad networks have accepted ad content containing malware. It happens. Bad guys figure out how to inject code into comments on legitimate sites. And phishing emails are getting so believable that everyone’s going to get caught once in a while. A first visit to a linked web site should let me examine the HTML and the page and decide if this is a site I’d like to trust. Websites that just dump me on a blank page with a disabled Flash animation FAIL.
Sites need to understand there’s good reasons for a client having their JavaScript turned off, and downgrade their presentation gracefully. For example, the http://www.searspartsdirect.com site tells me, “IMPORTANT ! This website requires JavaScript support for proper operation. It appears that your browser does not have this feature enabled. Click here for more information and assistance.” Well done. Proctor and Gamble’s pg.com site, on the other hand, hangs for 10 seconds at a blank page, and then takes me to a generic page (using a NOSCRIPT tag and redirect) telling me “PG.com is best viewed on Netscape or Internet Explorer version 4 or above. To ensure our Web site works on your system, please upgrade your browser…” Oh, puhleez! Wrong in so many ways.