Reply to post: Re: Your JS can KMMFA.

Why does that website take forever to load? Clues: Three syllables, starts with a J, rhymes with crock of sh...

Jamie Jones Silver badge

Re: Your JS can KMMFA.

The internet was generally more open and informative before ads came along.

With ads in the equation, you get more clickbait headings, salacious articles, stupip gossip, and even lies, just to hike up those ad hits. The actual infromational value of content is secondary.

Having said that, sure there are some good sites run professionally that need revenue, and I do have sympathy for them - El Reg being one. (I'd actually pay for an El Reg subscription as long as subscriptions *weren't* necessary [ forced subscriptions would stagnate the variety of commentards ])

But anyway, the adverisers, and many of the sites using them only have themselves to blame, displaying more and more ads, stuffing them with flashing images, and popup windows, and generally behaving obnoxiously - that's what started off the ad-blocking movement.

Now the ads are generally less annoying, they are instead full of tracking software that tracks far more than is necessary for fair analytics.

Of course, the reason for cookies to be restricted to the same domain was to avoid this sort of tracking - something the ad companies purposely get around by using a single domain for serving ads everywhere. Isn't that against Americas DCMA? Deliberately circumventing security software.

Anyway, for all their huff and puff, the browser vendors aren't helping.

One small change would make all the difference: Only allow cookies to be set in the same domain as the url of the main page) Any cookies from third-party sites (e.g. iframed, or inlined etc. should be ignored.)

I'd also allow restrictions on js running from any third party site loaded via iframes, and also seperate restrictions on javascript loaded from third party sites by the main pages javascript.

Don't give me all this "but it's faster for the user if they already have acme-whizzy-bling-thing cached" etc. crap... If the difference is that big, then the thing is too bloated anyway. As it stands, it's a magnet for hackers, and could also be affected by remote site downtime, and accidental code 'upgrades".

How on earth anyone thinks its good to load third-party modules into their web pages, live from the third-party site is beyond me...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020