www-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

www/philosophy javascript-trap.html


From: Richard M. Stallman
Subject: www/philosophy javascript-trap.html
Date: Fri, 8 Mar 2019 14:39:07 -0500 (EST)

CVSROOT:        /web/www
Module name:    www
Changes by:     Richard M. Stallman <rms>       19/03/08 14:39:07

Modified files:
        philosophy     : javascript-trap.html 

Log message:
        Substantial rewrite to make it clear to non-programmers.
        
        Clarify the [...] nontriviality rule.

CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/javascript-trap.html?cvsroot=www&r1=1.72&r2=1.73

Patches:
Index: javascript-trap.html
===================================================================
RCS file: /web/www/www/philosophy/javascript-trap.html,v
retrieving revision 1.72
retrieving revision 1.73
diff -u -b -r1.72 -r1.73
--- javascript-trap.html        22 Feb 2019 09:54:15 -0000      1.72
+++ javascript-trap.html        8 Mar 2019 19:39:07 -0000       1.73
@@ -41,16 +41,26 @@
 software, and disregard the issue.</p>
 
 <p>Some sites still use JavaScript that way, but many use it for major
-programs that do large jobs.  For instance, Google Docs tries to download into
-your machine a JavaScript program which measures half a megabyte, in a
-compacted form that we could call Obfuscript because it has no
-comments and hardly any whitespace, and the method names are one
-letter long.  The source code of a program is the preferred form for
-modifying it; the compacted code is not source code, and the real
-source code of this program is not available to the user.</p>
+programs that do large jobs.  For instance, Google Docs tries to
+install into your browser a JavaScript program which measures half a
+megabyte, in a compacted form that we could call Obfuscript.  This
+compacted form is made from the source code, by deleting the extra
+spaces that make the code readable and the explanatory remarks that
+make it comprehensible, and replacing each meaningful name in the code
+with an arbitrary short name so we can't tell what it is supposed to
+mean.</p>
+
+<p>Part of the <a href="/philosophy/free-sw.htnm">meaning of free
+software</a> is that users have access to the program's source code
+(its plan).  The source code of a program means the preferred form for
+programmers to modify -- including helpful spacing, explanatory
+remarks, and meaningful names.  Compacted code is a bogus, useless
+substitute for source code; the real source code of these programs is
+not available to the users, so users cannot understand it; therefore
+the programs are nonfree.</p>
 
-<p>In addition to being nonfree, many of these programs are malware
-because
+<p>In addition to being nonfree, many of these programs
+are <em>malware</em> because
 they <a href="http://github.com/w3c/fingerprinting-guidance/issues/8";>snoop
 on the user</a>.  Even nastier, some sites use services which record
 <a 
href="https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/";>all
@@ -100,20 +110,21 @@
 practice this capability is limited and inconvenient; merely to make
 it do something is an impressive hack.  Such programs ought to be
 free, but CSS is not a serious problem for users' freedom as of
-2016.</p>
+2019.</p>
 
 <p>A strong movement has developed that calls for web sites to
 communicate only through formats and protocols that are free (some say
 &quot;open&quot;); that is to say, whose documentation is published and which
-anyone is free to implement.  With the presence of programs in web
-pages, that criterion is necessary, but not sufficient.  JavaScript
+anyone is free to implement.  However, the presence of JavaScript programs
+in web pages makes that criterion insufficient.  The JavaScript language
 itself, as a format, is free, and use of JavaScript in a web site is
-not necessarily bad.  However, as we've seen above, it also isn't
-necessarily OK.  When the site transmits a program to the user, it is
+not necessarily bad.  However, as we've seen above, it can be bad&mdash;if
+the JavaScript program is nonfree.  When the site transmits a program
+to the user, it is
 not enough for the program to be written in a documented and
-unencumbered language; that program must be free, too.  &ldquo;Only free
-programs transmitted to the user&rdquo; must become part of the criterion
-for proper behavior by web sites.</p>
+unencumbered language; that program must be free, too.  &ldquo;Transmits only 
free
+programs to the user&rdquo; must become part of the criterion
+for an ethical web site.</p>
 
 <p>Silently loading and running nonfree programs is one among several
 issues raised by &quot;web applications&quot;.  The term &quot;web
@@ -160,7 +171,8 @@
 
   <li>it does Ajax calls.</li>
 
-  <li>it does <b>[&hellip;]</b> calls.</li>
+  <li>it uses bracket notation for dynamic object property access,
+which looks like <b><em>object</em>[<em>property</em>]</b>.</li>
 
   <li>it alters the DOM.</li>
   
@@ -284,7 +296,7 @@
 
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2019/02/22 09:54:15 $
+$Date: 2019/03/08 19:39:07 $
 <!-- timestamp end -->
 </p>
 </div>



reply via email to

[Prev in Thread] Current Thread [Next in Thread]