Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Only supporting users who have Javascript enabled

I am considering creating a website that only supports users with JavaScript enabled.

My justification for this is that I want to offer a rich user experience, in a fairly limited time budget, so if I only support people who have JS enabled, I don't have to spend time making sure the UI works without JS and create server side equivalents for validation etc.

  1. Is this possible? Do different browsers\platforms prevent me from achieving this?
  2. What percentage of users have JS disabled these days?
  3. How would I go about checking if JS is enabled in C#.
like image 558
Dan Avatar asked Apr 11 '09 14:04

Dan


People also ask

What does it mean to have JavaScript enabled?

Summary. Many Internet Web sites contain JavaScript, a scripting programming language that runs on the web browser to make specific features on the web page functional. If JavaScript has been disabled within your browser, the content or the functionality of the web page can be limited or unavailable.

How many users have JavaScript disabled?

After crunching the numbers, we found a consistent rate of JavaScript-disabled requests hovering around 1% of the actual visitor traffic, with the highest rate being roughly 2 percent in the United States and the lowest being roughly 0.25 percent in Brazil.

What percentage of web users have JavaScript disabled?

You might have heard that the percentage of users without JavaScript is approximately 1% and that these people actively turn it off. And on that basis that it's okay to exclude them. First of all, 1% of a large number is still a large number. A 1% increase in users is not usually something to be sniffed at.


4 Answers

Your justification is fine. However, you must implement validation on the server side of things as otherwise abusing your code will be very easy by just disabling JavaScript.

No, making it "impossible" to submit any data without JavaScript will not solve it.

From personal experience I think most internet users hava JS enabled nowadays. The portion of users who may have problems with JS-heavy site is mobile-based users, so unless you need to reach them, it probably should not be a big issue.

The easiest way to determine JS with just a single redirect would be to set a cookie with JavaScript code (document.cookie) and then use the aforementioned window.location to redirect. After that the server should be able to read the cookie set by JS, assuming it's enabled.

Also, while it's quite difficult to share validation rules and other logic automatically on both server and the client using tech like C#, I would suggest checking out Aptana Jaxer. Jaxer is a JavaScript based server-side framework which, amongst other things, will allow you to share the very same JavaScript code on both client and server. Very nice if you want to validate on the client, but don't want to write your validation rules twice!

like image 160
yrokam Avatar answered Sep 18 '22 15:09

yrokam


See:

  • How many people disable Javascript? (around 1%);
  • How to detect if JavaScript is disabled?; and
  • Detect when JavaScript is disabled in ASP.NET.

As for validation you should always do serverside validation and never rely on clientside validation. You're just asking to be hacked otherwise.

If you are doing a rich user experience and/or you don't have the time to do two (or more) versions of your Website to cater for such a small percentage, I think we've reached the time where that's usually acceptable.

It does however depend on the circumstances. Certain sites may target uses that disproportionately disable Javascript and so on.

like image 40
cletus Avatar answered Sep 18 '22 15:09

cletus


You're missing a couple browser scenarios:

  • A lot more people are using NoScript and similar systems, where javascript is initially disabled. This may not really be a problem for you, because most of those people will just turn it on when they need it.
  • Googlebot doesn't know javascript. You need to make sure the content good enough without javascript for Google to index it properly.
like image 32
Joel Coehoorn Avatar answered Sep 20 '22 15:09

Joel Coehoorn


These days, the only people who don't use JS are usually:

  • Visually impaired, and use screen readers (all effect of JS is usually lost)
  • Security-conscious (or paranoid?) and browse with NoScript turned off
  • Mobile users with limited browsers

In ASP.NET, or any HTML site, use:

<script type="text/javascript">
    window.location="/hasJs.aspx";
</script>

Which will redirect them to a page for JavaScript users, which may set a cookie or something you can check for in your master page. Like so (or similar):

(in hasJs.aspx):

protected void Page_Load(object sender, object e) {
    Response.Cookies.Add(new HttpCookie("hasJs", "yes"));
    Response.Redirect("/Default.aspx");
}

(Site.master) :

<% if ( ! Request.Cookies.Contains("hasJs") ) { %>
    <script type="text/javascript">
         window.location="/hasJs.aspx";
    </script>
    This site requires JavaScript.
<% } %>
like image 24
Lucas Jones Avatar answered Sep 17 '22 15:09

Lucas Jones