JavaScript warning

I hate having to turn on JavaScript extensions when playing a project. Couldn't you just add a warning before you start the project?

This has been brought up many times.

The issue is that young Snappers would just click on enable without checking what the project contains and that could lead to their own computer, and in worst case scenario, their whole school being infected with malaware

JavaScript in Snap! is really only to be used for personal projects nowadays or from REALLY trusted sources

didn't think about that.

it was done like this for a reason, because someone made a malicious project.

i remember when there was like no warning what so ever and it would just auto-enable

i think if your just going to press enable anyways, you having to go into the project is just an extra step, i dont see any more incentive to check the code doing it that way vs a warning message on projects that use js "Warning - This project uses JavaScript and may not work without it, enable JavaScript?" with [ Yes ] [ No ] ☐ dont ask again , that way everyone who wants to be asked get asked everyone who wants it auto-set get it set then no more post about 'hey can you make a way to enable js...'. @bh.

I agree.

Also @ego-lay_atman-bay and @cymplecy, what I mean by "I agree" is that I think there should be a text saying "This project requires JS" or something.

I don't like fishing around either, but its safety. I think a workaround would be showing all js contained in the project, but I don't think jens would ever add that.

It already does. Just run a js block with js off, in presentation mode.

The reason this all started was because someone made a malicious (phishing?) project I believe. It will likely not be changed for a multitude of reasons even though it would be easier this way.

We must remember- not everyone, especially new Snappers can exactly don't know what is JS and they can agree for turn on js in showed window. Sometimes, some projects have malicious code, which can cause damage for computer etc. Alone I support idea, but it's still dangerous.

I agree with the principle, but I ask myself a question from the beginning: Why are we asked to activate javascript in our own projects?

So lets say Snap! let you import your own project from your own computer and automatically enabled JavaScript

That's quite a bit of trouble for Snap! to goto

And it's easy to imagine how such a facility could be abused by bad actors

We just need to accept the situation and put creative effort into using just Snap! provided blocks for our projects.

Snap! today (and even more so in upcoming V8) does a LOT more than it used to without the need for JavaScript.

If you think that some facility (that needs JavaScript to work) would be very useful for others, then I'd recommend making an extension and submitting it for approval

If i load a project for the 1st time (the project is not mine for now...), it will be normal for me to enable javascript. But when i enable javascript and i save the project, why would i have to re-enable javascript a second time ? It's my own project now... (same if it's my own project from the beginning...)

Process.prototype.enableJS = true;

put that in a userscript and never enable JS again.

What you want to happen would be a LOT of trouble for Jens to implement and could lead to it being used as an attack vector.

I can easily see a future situation in which JavaScript will not be allowed at all (except in extensions)

Much better to not rely on JavaScript in your projects at all :slight_smile:

The only thing that I still need JavaScript for is for dynamic custom reporter menus and I have a feature request in to have them added to Snap!

And as cameron8299 has said, there is a method of getting around the issue if you have control over your own computer