A lot of the web is full of sludge—blog spam, analytics, advertising, unnecessary motion. A lot of these files are large and take time to execute for marginal benefit (or negative benefit with tracking). Opting in on a per-site basis can save you the rare threat vector, but also prevent the sludge. When it’s clear the JavaScript provides value (or even good eyecandy), I do the two clicks to enable it and refresh; a blank page generically saying “Enable JavaScript” isn’t telling me anything and feels more like a warning to stay away. Exposé implies it needs to be anything beyond a line or two.
Not everyone wants to download and execute programs from the internet every time they visit a site.
Note: the ‘web’ is comprised of both web pages & applications where web applications obviously need JavaScript, but web pages are better served with JavaScript as an enhancement. In the post here, we have a web app, but there’s nothing that tells me what it is and with so many sites running these project generator defaults of “You need to enable JavaScript to run this app”, it’s impossible to tell if this is an trustworthy application, malicious, or another SPA that should have just been static content.
Not everyone wants to download and execute programs from the internet every time they visit a site.
Note: the ‘web’ is comprised of both web pages & applications where web applications obviously need JavaScript, but web pages are better served with JavaScript as an enhancement. In the post here, we have a web app, but there’s nothing that tells me what it is and with so many sites running these project generator defaults of “You need to enable JavaScript to run this app”, it’s impossible to tell if this is an trustworthy application, malicious, or another SPA that should have just been static content.
You could also check out 2018 articles praising uBlock Origin for allowing users to disable JS by default in v1.17.0 such as https://www.zdnet.com/article/ublock-origin-gets-option-to-b...