this post was submitted on 06 May 2024
58 points (100.0% liked)
Privacy
31761 readers
410 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm still trying to understand what "proprietary JavaScript" means.
JavaScript that's under a proprietary license (code that doesn't give you the 4 freedoms)
What I don't understand is how they can tell. There's no mechanism (that I'm aware of) for signalling the licensing of deployed (minified!) JS code. The development code has licensing and versioning and so on but none of that makes it into production. As far as the client is concerned it's all proprietary.
Technically that is what LibreJS is for. However, beyond LibreJS you can look at the code and see if it is similar to existing JavaScript frontends or libraries.
It is a imperfect solution but it is better than just arbitrarily running programs in your browser or disabling JavaScript completely.
https://www.gnu.org/software/librejs/
Apparently it's (by default) everything that doesn't explicitly specify a license (especially a FOSS one) within the javascript code of the page, which is a ridiculously huge portion of JS on the internet.
What if they did this with HTML too? :p
It is never to late to start something and make people aware of problems and as far as I am concerned not only about software licenses but JavaScript as a security problem.
It doesn't apply to HTML because HTML is fundamentally not code that runs, but rather a markup. It's just like how licensing a book under the GPL would be weird and unnatural, because it represents someone's words. JS is code that runs on your computer, just like any other program
where is the line drawn though, and who gets to decide?
MANY people say "html code" even if you consider that wrong.
Is a shell script or python "code"? Because it doesn't directly translate to machine code?
See what I'm getting at?
There is definitely a grey area, but HTML is pretty far away from it. HTML doesn't "execute" and is very far from Turing completeness. You cannot write programs in it, and that is the key. Pure HTML is very much on the side of "rendering text" and not "running software." Once we start talking about things like LaTex though, the line gets a lot harder to see. Note that whether HTML is "code" is irrelevant. The point is that whether it's "code" or not, it is never a program.
Edit: typo in "grey"
Shell and python scripts are also code which is executed. HTML (at least back in the day) wasn't really a network shipped executable, but more like markdown file which is just parsed and rendered
This feels a bit like the debate over whether a virus is "alive" or not. "But the virus/HTML has DNA/code." "But it requires another cell/web browser in order to replicate/execute." etc. 😄
I really don't think so.
For the sake of simplicity, let's go back to the time when websites were not full of JS and other modern web stuff
You could in principle just
wget
the html file from a server and parse/render it without having to run that file. Like I said, it is like a simple markdown file.In terms of modern web, a crude analogy would be to look at the output from static site generators. In those, the server essentially doesn't execute code, hence a lot of cloud providers can host your static sites for free
I agree. Html could also be compared to a config file. Only parsed; it doesn't provide new instructions (unlike python etc)