Re: Your JS can KMMFA.
The internet was generally more open and informative before ads came along.
With ads in the equation, you get more clickbait headings, salacious articles, stupip gossip, and even lies, just to hike up those ad hits. The actual infromational value of content is secondary.
Having said that, sure there are some good sites run professionally that need revenue, and I do have sympathy for them - El Reg being one. (I'd actually pay for an El Reg subscription as long as subscriptions *weren't* necessary [ forced subscriptions would stagnate the variety of commentards ])
But anyway, the adverisers, and many of the sites using them only have themselves to blame, displaying more and more ads, stuffing them with flashing images, and popup windows, and generally behaving obnoxiously - that's what started off the ad-blocking movement.
Now the ads are generally less annoying, they are instead full of tracking software that tracks far more than is necessary for fair analytics.
Of course, the reason for cookies to be restricted to the same domain was to avoid this sort of tracking - something the ad companies purposely get around by using a single domain for serving ads everywhere. Isn't that against Americas DCMA? Deliberately circumventing security software.
Anyway, for all their huff and puff, the browser vendors aren't helping.
One small change would make all the difference: Only allow cookies to be set in the same domain as the url of the main page) Any cookies from third-party sites (e.g. iframed, or inlined etc. should be ignored.)
Don't give me all this "but it's faster for the user if they already have acme-whizzy-bling-thing cached" etc. crap... If the difference is that big, then the thing is too bloated anyway. As it stands, it's a magnet for hackers, and could also be affected by remote site downtime, and accidental code 'upgrades".
How on earth anyone thinks its good to load third-party modules into their web pages, live from the third-party site is beyond me...