Technically, with browser plugins, if the JavaScript is available in a non-minimized form, it is possible to modify it as it runs in your browser. If you interact with a number of specific sites, you could even program these modifications in your own plugins.On Thu, Jan 18, 2018 at 04:34:50PM +0100, marc wrote:The client-side Javascript to me is not a relevant issue anymore since JS is an open standard and browsers are sandboxed these days.I'd like to disagree with this statement.I fully agree with Marc here. I would also like to add a more technical note. That is that no amount of sandboxing exempts a program from havig to follow the Free Software Definition in order to be considered Free Software. Other than HTML documents and their stylesheets, JavaScript elements are by themselfes programs. Although in a different context the issue of Tivoization[1] has shown a decade ago that compliance to a license does not guarantee compliance to this set of statements which constitute a spirit rather than a law. [1] https://en.wikipedia.org/wiki/Tivoization Coercing a user into running specific code in order to view information from your website, leaves this user powerless in regard to this code. The mere permission to serve a modified copy on my own site, and force it over other people in turn, does not change my standing toward the original source, as it would do with desktop software.
Aren't we all in some way depending on the Web for our work these days? I mean, those of us who work in software. The separation is a good idea because we hope the sandboxing can protect us from the potentially malign effects of software originating from other people's computers. The alternative would be to only visit sites we have reason to trust or only have passive HTML pages.Furthermore, strong separation of the browser from the rest of the system, even if it were possible, hardly leads to a gain where this browser and the websites I visit are the focus of my work.