tags:

views:

730

answers:

12
+1  Q: 

Is it safe to assume Javascript is always turned on?

Duplicate:

Do web sites really need to cater for browsers that don’t have Javascript enabled?
Only supporting users who have Javascript enabled.
How common is it for Javascript to be disabled
How many people disable Javascript?

I've been doing web applications on and off for a few years now and each application I write seems to have more javascript than the previous one.

A frequent comment is: "But what if the user turns off Javascript?".

I take the point, but I've never actually seen a user do this. Not once.

Have you?

+3  A: 

Yes, it happens.

NoScript is a Firefox add-on - downloaded by plenty of people.

No Script

Nebakanezer  2009-05-14 13:24:57
However, note that "gracefully handle" might be implemented as "Show a page explaining the users that they need JS turned on to use the page", not necessarily as "provide the same functionality with JS turned off". This is a business decision and you should study what your market is, and how catering to users without javascript or not affects your end product and your development plans. There are no hard and fast answers.
foljs  2009-05-14 13:36:31
Yep - my "gracefully handle" is "politely not handle"
Nick Pierpoint  2009-05-14 13:41:42
+1  A: 

You should always make sure your site works without javascript.

People turn javascript off for security reasons. Companys sometimes have javascript forced off at their inhouse computers. Also spiders don't have javascript so your site not working without javascript is bad SEO practice.

Pim Jager  2009-05-14 13:26:04
I wouldn't say _always_, if what you're trying to accomplish is a true RIA application, and search engines have no purpose in scrouring your site, you probably don't need to worry so much about supporting non-javascript users. That being said, you still need to handle those users (and tell them they have to have JavaScript enabled)
altCognito  2009-05-14 13:28:27
Something you should mention here is that it depends on what the JavaScript is doing. SEO is not affected if the JavaScript is used for authentication, only on authenticated pages, or simply to animate things already on the page.What is important is to understand that the basic functioning and content of the public side of the site should allow search engines to see everything important.
Brendan Enrick  2009-05-14 13:33:16
This is a business decision --based on what your site is, what your market is, and a cost/benefit analysis of implementing the same functionality with and without javascript. "Always" cannot be applied here.
foljs  2009-05-14 13:37:42
+7  A: 

It depends entirely on what sort of coverage you require.

Do you need 80% 90% 100% of users to be able to use your site / application?

People DO turn off Javascript. The question is, does your site need to work for those people? Can it just tell them to turn it on if they want to continue?

Robin Day  2009-05-14 13:26:15
I take your point; it looks like I can get 95% coverage (@altCognito) without spending extra time (money) handling the non-javascript cases. My applications tend to be "enterprise", so they tend to be more straightforward decisions (relatively fixed setups).
Nick Pierpoint  2009-05-14 13:40:15
+2  A: 

5% of users have JavaScript turned off.

altCognito  2009-05-14 13:26:45
Fantastic site - I haven't seen the javascript statistics before. 5% is becoming vanishingly small for my purposes.
Nick Pierpoint  2009-05-14 13:31:44
Correction: 5% of W3Schools users have JavaScript turned off.
Skilldrick  2009-05-14 13:33:24
This isn't necessarily meaningful, because not every audience is the same. If you're building an corporate intranet, for example, you may be able to push that number to 0.
Joel Coehoorn  2009-05-14 13:33:26
And those users generally do not buy anything. A lot of them have ads turned off, too. It's a business decision whether you want to catter to this kind of users.
foljs  2009-05-14 13:39:25
+8  A: 

This comes up about every other week or so. Did you search first?

See these:
http://stackoverflow.com/questions/121108/how-many-people-disable-javascript
http://stackoverflow.com/questions/379735/how-common-is-it-for-javascript-to-be-disabled
http://stackoverflow.com/questions/740243/only-supporting-users-who-have-javascript-enabled
http://stackoverflow.com/questions/822872/do-web-sites-really-need-to-cater-for-browsers-that-dont-have-javascript-enabled

The main points are:

  • Google doesn't use javascript when indexing
  • Mobile browsers (smart phones like the iPhone) sometimes have bad or non-existent javascript
  • Screen readers don't do javascript well, if at all, and many developers are legally required to support them.
  • Thanks to filters like NoScript, the number of people browsing with javascript disabled (at least initially) may actually be going up.

So yes, you still need to worry about it.

Joel Coehoorn  2009-05-14 13:26:55
I've come to rely on the "suggestions" when asking a question and one didn't come up. I've just done a more general javascript search and... you're right. Lots of answers though, so I'll keep it open. Will try to compile cross-question answers into the question after a few days.
Nick Pierpoint  2009-05-14 13:33:29
@Joel - could you give some examples of bad or non-existent JavaScript on the iPhone? IMHO, I've had one for about 2 weeks and am so far impressed by how well it handles JavaScript heavy sites. I'd be interested if you have any further reading, specifically on the iPhone support?
Russ Cam  2009-05-14 13:35:48
So... sorry about the duplicate. I'll try to repay wasting everyone's time by compiling a nicely written summary. :)
Nick Pierpoint  2009-05-14 13:36:52
Sorry, I should clarify that. I used iPhone to demonstrate the category I'm talking about, but the iPhone doesn't do too bad with javascript. Some of the other devcies, though... not so much.
Joel Coehoorn  2009-05-14 13:37:23
@Joel - The Nokia N95 that I had before was not great at handling JavaScript. For example, in StackOverflow, one could never get rid of the "First Time?" alert at the top of the screen as when you scrolled right to click the X, the alert would move right too so that you could never reach it!
Russ Cam  2009-05-14 14:39:24
+2  A: 

It has become a standard at my office (for better or for worse) to assume that the user has JS installed and turned on. The number of people who have it turned off is getting smaller and smaller every day, but this still doesn't mean that you should forgo performing the necessary validation for submission on the server side as well just in case (as well as some other scenarios).

TheTXI  2009-05-14 13:26:58
+1  A: 

It's rare, but it happens. It really depends on who your user base is. If it's for corporate users, a lot of them have default security settings with javascript disabled. If it's for... pretty much anyone else, odds are they'll have it turned on.

Matt Grande  2009-05-14 13:27:31
+2  A: 

I would say that it is not safe to assume javascript is always on, but it is safe to REQUIRE javascript be turned on.

In other words, you don't need to jump through hoops to make something work without it, just display a message or redirect.

Javascript is an essential technology, and it's not unreasonable to require it.

chris  2009-05-14 13:27:46
+2  A: 

It's rare, but it's possible. If you are launching an application for "everyone" to use on the internet, then yes, you'll have to prepare for such an event. It really depends on your target audience, but the safest assumption is that someone will have it turned off.

From a security perspective, you definitely need to handle this situation, as turning off JavaScript (or worse yet hijacking the scripts you wrote) is an easy to bypass business logic and validation, if it isn't double checked on the server. Requiring it to be turned on is not a good enough defense for stopping people in this situation. Remember you're requesting that the browser tells you what it enabled and disabled. The user (or attacker in this case) is in control of the browser, and you can't trust what it says as it's easy to modify the HTTP headers.

Kevin  2009-05-14 13:27:47
A: 

I run by default with javascript off for new sites (NoScript) plugin. I think many tech-savvy users do the same. At least the ones who are paranoid about XSS attacks.

John Nolan  2009-05-14 13:28:40
Those *paranoid* about XSS attacks are not really tech-savvy.
foljs  2009-05-14 13:41:06
+2  A: 

Depends on who your target audience is. Some users turn off JS for various reasons. Usually, they will enable it for individual sites that need it, but they might not do that if you don't tell them they need it.

If your site just fails to load correctly, they'll assume it's broken. If it shows a "you need JS to view this page" message, then at least they'll know what to do.

Some will then enable Javascript for your site specifically, but some won't, and they simply won't be able to use your site, unless it is functional without Javascript.

jalf  2009-05-14 13:28:53
A: 

It is best practice to code for users that have JavaScript turned off.

As web developer your goal should be to provide the core basic functionality (without JavaScript). This enables all users to fully use your site. Then through the use of JavaScript, in a process known as "progressive enhancement", spruce up elements of the site for users that have JavaScript turned on.

And in the case where JavaScript is off...your site should gracefully degrade.

Web development is one of those arenas where you can't expect anything. Code for all users to maximise your site's accessibility.

Lycana  2009-05-14 13:29:48
"Best practice" based on what? This is exactly the kind of things that needs a cost/benefit analysis. If it takes me twice the development cost to do something for only the 5% of my users, it might not be worth it anyway.
foljs  2009-05-14 13:42:37

related questions

Web framework programming mindset
ASP.NET - asp:xxx Controls versus standard HTML
From Desktop to Web browser considerations
Which PHP Framework will get me to a usable UI the fastest?
Best practice for integrating TDD with web application development?
How to Manage Web Development?
When is a file just a file?
Recommendations for browser add-on tools to help with development
REALLY Simple Website--How Basic Can You Go?
Convince Firefox to send an If-Modified-Since header over HTTPS
What do the getUTC* methods on the date object do?
Planning and Building a mobile enabled site for your main site.
Firebug for IE
Javascript and PHP - Login Script with hidden buttons
Firebug won't display console feeds for some of my sites
Displaying ad content from Respose.WriteFile()/ Response.ContentType
How can I detect if a browser is blocking an popup?
How to Test Web Code?
What PHP framework would you choose for a new application and why?
How do you disable browser Autocomplete on web form field / input tag?
What is Progressive Enhancement?
In HTML, how to word-break on a dash?
The Definitive Guide To Website Authentication
How do you test layout design across multiple browsers/OSs?
How much of the Web build process do you/should you automate?