Security and Javascript

Fabian Keil freebsd-listen at
Sat Jun 29 10:49:54 UTC 2013

Michael Kesper <mkesper at> wrote:

> Am 2013-06-28 13:10, schrieb Fabian Keil:
> >> And the last question: if all above is true, do we want to tell this
> >> to the public? Does it help? Or would we be seen as being completely
> >> paranoid.
> > 
> > I think at first the FSFE should make sure that its own website
> > properly works without JavaScript enabled. A good start would be
> > fixing or ditching EtherPad whose developers apparently don't care
> > about accessibility.
> You're mixing up things:
> The FSFE website per se shouldn't require JS at all.

I'm not sure what I'm supposed to be mixing up.
Are you saying EtherPad isn't part of the FSFE website?

> Tools like etherpad are really useful and I don't think they can be
> implemented without a certain amount of JS at the moment.

Allowing users to read and modify a text with a browser isn't rocket
science and doesn't require JavaScript.

> That etherpad isn't accessible is a shame, but I think it's not a
> restriction of JS per se.

Of course it's not a restriction of JavaScript per se but the
result of EtherPad not being designed to work without JavaScript.

I'm not saying the user experience with and without JavaScript
has to be exactly the same, but apparently recent EtherPad versions
even require JavaScript to read the text.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <>

More information about the Discussion mailing list