I went to a Shrek rave for $20

Then explain this

https://www.trumpstore.com/product/trump-2028-hat/

Good, now I need to try it

These updates are fire!

I still think it’s silly to feel safer running the code outside of the browser sandbox, but I also understand. Ad companies have abused browser tracking and fingerprinting so much, and I hate them for it. What I’m trying to say is don’t throw the baby out with the bath water.

As a developer, it’s way easier to build a cross platform websites than maintain a native app for each platform. A lot of “native” apps are actually just web apps in a wrapper or halfway between native and web solution like React Native. Web lowers the barrier of entry to get your app out the door.

The browser is supposed to be a sandbox environment for RCE. That’s why the sandbox part is important. Maybe instead of removing the RCE, we can lock down the sandbox better and reduce the amount of information advertisers can collect.

If you remove code execution in the browser, then many websites will need to ship desktop apps instead. So now you’ve bypassed the browser sandbox altogether and that application can do much more damage.

I’m not arguing that all websites need to execute in the browser, but without code execution in the browser, you remove a whole class of apps and the web becomes much less useful.

Edit: calling it RCE is also kinda obnoxious because at that point you might as well call everything RCE. By that definition, if I push a docker image update, do I have RCE inside any container pulling that image? If there’s a way to break out of docker or web browser sandboxing, by all means call it RCE, but this is not that.

Happy cake day! Celebrate with a drink

So thats how ice scream is made!

Storklink

Can we develop a new VPN protocol where the encrypted traffic is disguised as a 24 hour continuous stream of Never Gonna Give You Up

I was referring to OP’s post because they mentioned “candidates”. I was also agreeing with your comment regarding progressive enhancement lol

You understand if most people stopped using JavaScript they would just find other ways to serve you ads, right? You can already be tracked without JavaScript.

I don’t understand why we are blaming the stealing info part on JavaScript and not the tech industry. Here is an article on how you can be tracked (fingerprinted) even with JavaScript disabled. As for slow websites, also blame the tech industry for prioritizing their bottom line over UX and not investing in good engineering.

I hate default text size

Don’t default to it as it’s too small for a lot of people to read. Optional is fine, but don’t force that small text on me by default, making me go into your small text settings to find the large text setting

Graceful degradation is for people that are angry about the future. Progressive enhancement is for people that respect the past. And it’s stupid to not hire someone only because they don’t know a term that you know.

It’s simple when it’s all SSR or it’s all client side rendered (CSR). In my experience, mixing is when the headache sets in. There are benefits to SSR and CSR. You want a webpage that works without JavaScript, use SSR. You want a persistent video player that continues the current video as you navigate pages on your site, use CSR.

People get so mad about JavaScript then load a dozen 10mb unoptimized image files.

So in this example, what’s the underling issue, shitty business requirements or JavaScript?

I’m a full time React and React Native developer. Imo, the frustrations with react are when you server side render. React without SSR is much simpler. But you are 100% right about picking the technology that meets your project’s requirements.

However, let me play devils advocate. Why do you need to SSR your e-commerce site? To optimize your SEO? Seems to me that SEO lately is a lie we’re being sold to make it easier for LLMs to chew through the entire internet, including your SEO e-commerce site. Imo, search engines have stopped serving the consumer. If we forget the SEO component for a second, you could build a killer e-commerce site that uses React and deliver a great user experience. If this is all about SEO, then I’m sure there is lots of garbage we could inject into our projects that would boost SEO. We could add LLM written top 10 articles to a fake blog on our site that nobody actually wants to read, and boost our Google ranking.

Because big tech has ruined the internet and uses JavaScript among other things, to track you. Some people blame the plastic pollution on improper recycling when we know that’s exactly what the evil plastic industry wants us to do: blame the consumer. Similarly, people think it’s their responsibility to turn off JavaScript when they should be blaming big tech. Even if you get rid of JavaScript, they will just find other creating ways to track you (source). We have to fix the structures running the tech industry.