Most security experts agree that javascript should be disabled in your browser as well as any other client side scripting languages. These languages have many security flaws in them and you should not allow sites you do not trust to run code on your computer. Something good about Internet explorer is that it has different internet zones and you can add sites you trust to allow them to have javascript while all others do not. Firefox does not have this nativly built into the program, but there is a great extension to do this, noscript.
I have been using noscript for about a week now and have to admit it
is not all that bad. At first glance it is quite nice, around 95% of
the ads blocked because they use javascript to display them. On the
other hand, there are quite a few sites that totally depend on
javascript, especially for menus. One site that I found recently that
totally dies without it is the Seattle Seahawks
site. The page just does not load any content, its just a white page.
The reason is that the site uses javascript to redirect to their actual
index page rather than a server side language. It is just bad
programming.
Another issue with turning off javascript is all of
these new ajax sites. To get these sites working you have to whitelist
them. The add-on allows for permanent or temporary whitelisting. If you
trust a web site and visit it often you can add it to the permanent
list. This will allow you to visit the site without any restrictions.
It will still block any external javascript files that are loaded from
sites different than the one you are on. These files are usually ads
and can be safely blocked. You can also whitelist on a temporarily
basis. This works great if you only want to give a site access for one
visit.
All-in-all surfing without javascript enabled by default
can be done and it is easy to work with for a technically advanced
person. The issue is that most people who should be running without
javascript do not know how to setup the whitelisting. They will just
whitelist everything similar to software firewalls. If everything is
whitelisted then the whole point of the software is null.
