I understand that server-side validation is an absolute must to prevent malicious users (or simply users who choose to disable javascript) from bypassing client-side validation. But that's mainly to protect your application, not to provide value for those who are running browsers with javascript disabled. Is it reasonable to assume visitors have javascript enabled and simply have an unusable site for those who don't?
+2
A:
It is ok in these days to assume your visitors have JS enabled. With that said, you should strive for the best possible degradation of your site with JS disabled. It is ideal if your site falls back to a state that is still usable without JS.
Geoffrey Chetwood
2008-09-30 23:48:10
This advice about degradation being ideal is somewhat dependent upon your target audience as well as what your website or web application is supposed to do. You have to weigh whether the amount of effort spend in that vein is going to be worth it.
Jason Bunting
2008-09-30 23:50:08
@Jason: Of course, that is why it is secondary.
Geoffrey Chetwood
2008-09-30 23:53:21
+2
A:
Yes it is. But expose as much of it as possible through regular HTML and URLs, if for nothing else than for Google.
dlamblin
2008-09-30 23:48:15
+2
A:
Accessible, yes... functional? Not really.
This is really a customer requirement question more than developer-answerable, but if your customer tries to enforce a requirement that non-JS browsers work, you should argue heavily against it and really hammer them on the "cool" factor they'll be missing.
Given the heavy reliance by GWT, RichFaces, etc. on Javascript, it's just not feasible to make an app with any kind of user-friendly UI without it.
You should certainly warn non-JS enabled users that the site they're trying to visit relies heavily on JS, though. No point in being rude about it.
Bill James
2008-09-30 23:49:37
+10
A:
I think there is another reason which push you to support at least some main functionality without JS - lots of us now browsing from mobile and PDA, which have no the same lvl of JavaScript support.
dimarzionist
2008-09-30 23:52:08
Why did someone vote this down? It's a reasonable response and something I had overlooked.
Kevin Pang
2008-09-30 23:56:38
@Rich: I did vote it up. I asked a reasonable question about why this was voted down. If you don't like it just ignore it. Don't whine about it.
Kevin Pang
2008-10-01 00:33:25
+27
A:
I browse with NoScript in Firefox, and it always annoys me when I get pages that don't work. That said - know your audience. If you're trying to cater to paranoid computer security professionals - assume they might not have JavaScript enabled. If you're going for a general audience, JavaScript is probably on.
Neall
2008-09-30 23:52:12
"it always annoys me when I get pages that don't work" - there's a very simple solution to that...
nickf
2008-10-01 01:57:06
The reality is that NoScript is itself becoming more popular. Not many have javascript all-out disabled: but the number who have it turned off _conditionally_ somehow is _growing_, not shrinking.
Joel Coehoorn
2008-10-01 02:28:52
I voted it down because of the assumption inherent and self-righteous tone: you're choosing to not use a particular technology, and then you're annoyed when sites don't work? You can only expect a site to reasonably degrade so far.
matt lohkamp
2008-10-01 07:58:45
Also, note that security professionals might have JS turned off, but they're going to know that they've got it off and expect performance to suffer - so if your site doesn't work quite right when they look at it, it's not so bad, because they'll know how to fix it for themselves.
matt lohkamp
2008-10-01 07:59:43
The real problem for us NoScript users are site which actively destroy the site if you don't enable javascript. e.g. herold.at covers the whole site with a DIV to announce that JS is disabled. If I remove that DIV, the site works flawlessly without JS. WTF?!
David Schmitt
2008-10-01 10:39:00
@David, the div might be used for something and only hidden/initialized within a script. That is your fault, not his unless he designed it that way. Personally, I use Adblock to remove ads and javascript I don't want, otherwise mine is fully enabled.
The Wicked Flea
2008-10-08 02:28:44
@matt and flea: You're both kind of missing the point. Javascript can introduce security holes, and it is reasonable to turn it off for normal usage. A site which needlessly breaks when Javascript is off is pretty dumb.
Ali
2008-10-08 11:59:28
+10
A:
http://www.w3schools.com/browsers/browsers_stats.asp
They claim 95% of users have Javascript on.
Don Neufeld
2008-09-30 23:52:40
I just want to add this so people not aware know this, W3Schools' statistics are for visitors of THEIR site, which is generally those looking for web tutorials (web developers) so that page is not representative of the general population. Firefox beats IE in their stats...
Dan Herbert
2008-10-01 00:12:07
+8
A:
There's at least one category where the answer is definitely "no". If you work for the government, you must make sure the site is accessible to those using screen readers.
Joel Coehoorn
2008-09-30 23:56:02
A:
I think it's fair to assume that the majority of visitors to your site will have JavaScript enabled. Some of the more trafficked sites out there have a dependency on JavaScript. For example, I was surprised to learn that you can't authenticate through a Passport-enabled site without a JS-enabled browser.
Gabriel Isenberg
2008-10-01 00:07:13
A:
No its not, period, full-stop, end of story. Its just naive and wrong at an ethical level, not to mention you miss out on around 50% of Internet users worldwide (believe it or not 70% of web access worldwide is from mobile devices).
Add extra nifty stuff that requires Javascript, thats fine. Don't make your site unusable without Javascript unless you have really, really, really good reason to do so.
Someone rightly pointed out that I don't have evidence to back up my claim of 70% mobile web users. Unforunately I can't find the source I got it from but I remember it being authorative so have no reason to doubt it. It does make sense though when you consider worldwide usage, many developing countries have more mobile phones than landlines and broadband. A statistic that was quoted in my not-to-be-found source was that one African country in particular has 300,000 landlines, but has 1.5 million mobile phones!
roryf
2008-10-01 00:11:22
"70% of web access worldwide is from mobile devices)"... do you have something to back that up?? I think you're very very far from realitiy
Pablo Fernandez
2008-10-01 00:31:19
No, I'm not. But admitedly no, I don't have the evidence to hand, can't remember where I found it but I'm sure its accurate. I'll go look...
roryf
2008-10-01 10:48:32
Despite the percentages being true or false, I totally agree with Rory Fitzpatrick. Web developers are badly used to develop for Internet Explorer, and so they tend to forgot little things like STANDARDS. When you develop a website, you're writing some piece of text that will be read and rendered by web browsers. Web browsers are software capable of reading and rendering HTML documents. Period. JavaScript is NOT a requirement for making a browser, so the answer is NO.If Kevin asked if it's OK to write a non-standard with JavaScript as requirement, well, it's NON-STANDARD, anything will do.
Spidey
2009-08-27 21:26:26
A:
Nearly all (but not quite all!) users will have javascript enabled. (I believe the figure quoted above of about 5% is accurate.)
Given the vast improvement in usability you can make with the judicious use of javascript, my opinion is that most of the time, it is reasonable to assume it is enabled.
There will of course be some instances where that is not the case, (ie, a site designed for mobile devices, or with a high percentage of disabled users etc), and always a effort should definitely be given to making your site as accessible as possible to as large a percentage of the population as possible.
That said, if you only have a low traffic site, 5% of a small number is a very small number. It may not be worth bending over backwards to make your site accessible to these people when it may only gain you one or two extra users.
I guess the short answer is (as always), there is no correct answer - it will depend entirely on the target use, and target users of the sit in question.
Dave Smylie
2008-10-01 00:16:46
A:
According to this little page Javascript is enabled in 95% of browsers and it keeps raising.
Pablo Fernandez
2008-10-01 00:37:46
+12
A:
Totally depends on who you're aiming at.
If your site or app is for an Intranet, you can make lots of assumptions. If your target audience is bleeding-edge social-networking types, you can assume JavaScript will work. If you anticipate a lot of paranoia sysadmin types, you can assume a bunch of them will be trying to access your site in lynx or have JS turned of for "security reasons."
A good example of this is Amazon -- their approach is driven by their business goals. They are a mass-market site, but for them, locking out users in old/incapable browsers means potential lost sales, so they work hard on non-script fallbacks.
So like lots of these kinds of questions, the answer is not just regurgitating what you've read somewhere about accessibility or progressive enhancement. The real answer is "it depends."
mde
2008-10-01 01:44:39
A:
The W3C Browser Statistics page (scroll down) has some information on this; they say that 95% of visitors have JavaScript on as of January 2008.
Drew Stephens
2008-10-01 01:48:39
A:
It's reasonable to assume your visitors have javascript enabled !-)
-- but of course it depends on who you're trying to reach ...
Several times above w3schools have been mentioned and, as Dan stated, its their own visitors which make it somewhat quirky to draw conclusion from.
However, if you look at theCounter.com it seems that their audience has the same habits in general on this point ...
A twist that hasn't been mentioned yet is the growing amount of crawlers, mailharvesters and so on, they definitely do not have javascript turned on, and how good are counters to detect them ?-)
My guess would be, that this sort of machine-browsers fill up a lot of those 5-6% !o]
-- that said, if it's at all possible, make your app degrade gracefully (as a wise man said)
roenving
2008-10-01 03:20:51
A:
Your questions seems to suggest form based input for an application. If it's an intranet application then you'd be guided by the in-house security experts. If it's public app, then as other posters have suggested, fail gracefully.
CyberED
2008-10-01 03:27:16
+2
A:
No! Some environments will have it disabled as a matter of policy, with nothing you can do to enable it. And even if it's enabled, it might be crippled.
This question has been asked before.
Mark Ransom
2008-10-01 03:54:28
A:
I will argue that it is more than reasonable to expect them to have javascript so long as you provide suitable means to replace javascript should it not be enabled. One of the reasons that I like the Yahoo UI Library is that it degrades gracefully.
DanielHonig
2008-10-01 06:31:53
A:
One interesting point to consider is that as a web developer you have a social responsibility to push technology forward - and by using things like AJAX, you increase exposure and potentially rate of adoption along with it. The only thing that should stop you from using the tech to its fullest extent is money - if you won't make the money that you need because people will have trouble viewing the material, you've got to reconsider.
matt lohkamp
2008-10-01 08:03:38
Down-voted: AJAX is not a silver bullet. Do not use AJAX willy nilly to prove a point. For small updates where it is suitable, sure, use AJAX. For major page updates, unless you already have AJAX as an absolute _requirement_, use http, respecting other's valid security concerns.
Ali
2008-10-08 01:31:27
Either you mis-read or I mis-wrote, but I'd never advocate superfluous use of any technology - all I'm trying to say is, browsers support what people use, and if you never use the new tech because it isn't as readily supported, then it'll never be readily supported. This is a catch-22 we can break.
matt lohkamp
2008-10-08 23:54:50
You don't need to ignore old behavior to push technology forward. You can always make a simple version of your website for users without JavaScript and a complete version with JavaScript. And I don't mean separate sites, you can make one that degrades completely.
Spidey
2009-08-27 21:28:15
+3
A:
I browse with the NoScript plugin in firefox and I'm surprised at the amount of developers that haven't even considered making their site degradable.
Never assume the user has JavaScript disabled - especially seeing as it may not always be their fault. Many enterprises have firewalls which block JavaScript/ActiveX etc. - In this instance the <noscript> element won't work so I would NOT recomend using that either!
Unless you're creating a full-on web application which is going to be 90% Ajax then you must make sure to abide by standards and progressively enhance your site through various layers of interactivity.
Also don't forget the important of object detection, especially with the rise of mobile phone web browsing. One of the most popular mobile web browsers (Opera mini 4.0) doesn't allow all "Background javaScript" to work and Ajax calls rarely execute correctly... Just something to be aware of.
To be honest I am sick and tired of developers that think everyone will have JS enabled! What ignorance!!
J-P
2008-10-01 10:38:26
A:
I always try to code my sites as static one first, THEN i add js/ajax functionality. This way i can be kinda sure that will work on non JS browsers :)
But, javascript is like flash: all users have it, but developer have to concern on WHAT IF.... ? :D
Ionut Staicu
2008-10-01 10:45:13
A:
This is totally a "it depends" question, as many people have pointed out.
This is why metrics is valuable on sites to help show if you can really run with the analogy that "major sites say that the majority of people have JS on" - you could have a site where it's 99%. I won't dig in to what's been said above, as it's been answered very well :)
keif
2008-10-04 15:35:37
+2
A:
Is it reasonable to assume visitors have javascript enabled and simply have an unusable site for those who don't?
There are actually two questions, and the answers are: Yes, it is reasonable to assume visitors have javascript enabled. And, No this does not mean others should be left with unusable site.
Progressive enhancement is the way to go. Have your site usable without javascript and then add bells and whistles.
As for client side validation, it is no more than a convenience for user to avoid unnecessary roundtrips to server (where real validation should be performed).
Marko Dumic
2008-10-08 01:21:43
+1
A:
Never ever assume Javascript for form validation, as your question implies. Someone will eventually realise this and turn Javascript off.
Instead, code the app in fairly regular html manner and use Javascript for what it is: an optional perk for your users.
Even for an entirely AJAX app like Gmail, the complete works of form validation is required on the server side.
Ali
2008-10-08 01:37:34
"I understand that server-side validation is an absolute must to prevent malicious users (or simply users who choose to disable javascript) from bypassing client-side validation"
liammclennan
2008-11-11 01:08:22