> We tell users not enable javascript because it's inherently unsafe > within Freenet. > Then, we use javascript within Freenet (as far as the user can tell), > as if we /expect/ them to ignore what we've suggested.
Ok, so you are worried about the unlikely possibility that a user who has not disabled Javascript will assume (incorrectly) that there is JavaScript in the page retrieved from Freenet. Come on! That is lame. If the user is smart enough to know that a pop-up window requires Javascript, and that is a threat, then they are smart enough to realize that the Javascript is coming from us, not off Freenet. > I have javascript disabled on everything > by default anyway... I think what is really going on here is that you guys don't like Javascript - period. Whatever your prejudices, a browser running Javascript from a trusted source does not compromize Freenet's goals, and that is all I am proposing here. Just because a very small number of users are both smart enough to suspect a problem, but not smart enough to know that it is nothing to worry about - is no basis on which to make design decisions. Ian. -- Ian Clarke ian@[freenetproject.org|locut.us|cematics.com] Latest Project http://cematics.com/kanzi Personal Homepage http://locut.us/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20021220/c3b462e2/attachment.pgp>
