- Structure can become lost and the site may be harder to maintain. Separation between HTML and your logic is a must.
- Screen-readers & Crawlers don’t execute JS, this can be a loss for SEO.
- Source code that is accessible for anyone to view can create security risks. Hackers or even bots can attempt to exploit the code in a much easier fashion. XSS & CSRF are two of the basics that should be looked at in depth.
- All in all if i’m a security obsessed user running without JS I won’t be able to use the site. How likely is this really? The option is available in browsers so you must take this into consideration when building a site.
- Bigger corporations (Optus, Telstra), schools, governments tend to run browsers with JS disabled to prevent exploits and malicious software from running. If your target market works 5 days a week and can’t access the site at work you will lose those users.
While server side JS has been available since early 1996 it hasn’t been formally maintained, more of a focus was put on the client-server side. More and more alternatives are coming out allowing JS to be used server side, such as the ever popular “node.js“. This has it’s downsides as well:
- Limited communities supporting.
- Limited frameworks available. Not following an MVC structure for a large scale website written in something like node.js. Yeah have fun maintaining that.
- Server support for things like Daemons to keep node.js running are non existent although many people have valid work arounds.
Given a few more years I could easily see JS as the new Ruby, at this stage I don’t see it being secure enough.