@smallcircles @erick thank you. I'll take a look at those. I appreciate that the site doesn't require JavaScript just to view.
S
seanm@infosec.exchange
@seanm@infosec.exchange
Posts
-
Does anyone have recommendations for a Mastodon fork that doesn't require visitors to enable JavaScript to view basic content? -
Does anyone have recommendations for a Mastodon fork that doesn't require visitors to enable JavaScript to view basic content?@erick it's crazy that this is such a problem. Old Reddit, Twitter, Gmail, and most every popular website started as HTML/CSS functional. There are frontends like Nitter (for Twitter) that show this functionality is still possible.
Why is there such a drive to be so hostile to users and increase the risk to visitors?
-
Does anyone have recommendations for a Mastodon fork that doesn't require visitors to enable JavaScript to view basic content?@jerry unfortunately, it is just a blank page with JavaScript disabled.
-
Does anyone have recommendations for a Mastodon fork that doesn't require visitors to enable JavaScript to view basic content?Just to be clear, I think JavaScript is fine for authenticated or more complex content. If I'm a user of a server, it seems acceptable that I should trust it and enable JavaScript.
However, if I am some random visitor to your instance and just trying to view a post or user profile, that should not require JavaScript.
The JavaScript ecosystem (e.g., npm) is rife with supply chain hacks. Plus, there are many poorly maintained Mastodon instances (e.g., mastodon.social, I think?). Although, I guess those poorly maintained instances are not pulling down the latest backdoored npm packages... Regardless, it is a security risk to require visitors run JavaScript from every instance they visit for simple content.
-
Does anyone have recommendations for a Mastodon fork that doesn't require visitors to enable JavaScript to view basic content?Does anyone have recommendations for a Mastodon fork that doesn't require visitors to enable JavaScript to view basic content? The JavaScript dependency is a security risk and user hostile. Visitors should not be required to enable JavaScript when simply visiting a Mastodon server. Plus, the recommendation to use a native app doesn't even work for all Mastodon/ActivityPub instances.
Also, the requirement for JavaScript makes the Mastodon development team seem incompetent. They can't even make a basic web site that doesn't require JavaScript. I could do that when I was in middle school.
>To use the Mastodon web application, please enable JavaScript. Alternatively, try one of the native apps for Mastodon for your platform.