First, the numbers that float around (I've posted on this topic before, I think) about the number of users with javascript disabled are nonsensical and entirely unsupported by any hard evidence that I've ever seen.
My belief is that, as far as non-technical IE users are concerned, it's probably in the .001% range. That's what my years in user support tell me is true. If anybody's got logs that say otherwise I'm willing to change my mind.

Second, if someone has turned javascript off, then the functionality that comes with javascript is lost (obviously) and my feeling is: too bad for you if you want something from my site that requires it.

Should you use noscript tags as much as possible? Sure. But let's face it, users have come to expect things on the web that only scripted pages can provide.

It's likely that the higher figures for JS disabled are cited by Webmasters who can't sort all of the search engine and scraper robots from their site stats, and so see a higher percentage.

One issue to consider very carefully is that of visitors who have inadvertently disabled JS, or who have disabled it on the recommendation of some "internet security site" and who have no idea how to re-enable it, or who may have forgotten that they've disabled it.

I disable JS (using a checkbox in a Firefox add-on) very frequently for several reasons: First there is the issue of very poorly-coded routines; Routines that loop, waiting for an event, and consume too much CPU for a trivial function. The recent surge in AJAX has made this problem worse, and inexperienced programmers abound.

Another problem I see is that routines are coded with external dependencies, such as reliance on an external ad-server or click-tracking service, but without any provision for a timeout. If that external server, the DNS server needed to resolve it, or the network connection to it gets congested, then the page won't load. I'll often forego the pretty formatting and other features of a page just to get the basic information when this happens. Examples are news and weather sites.

Sometimes, a site throws annoying pop-ups, and the only way to make it stop so I can finish my task in peace is to disable JS. So legitimate sites pay the price for those sites who haven't figured out that visitors loathe unsolicited pop-ups because of extensive past abuse.

Another problem has to do with human nature. A webmaster learns some basic JS or AJAX tricks, and then proceeds to write client-side code to handle everything -- including functions which could be far more-efficiently handled server-side. This is the old "If the only tool you own is a hammer, then everything looks like a nail" problem.

Webmasters using JS should be very careful to write efficient, fault-tolerant scripts. Otherwise, they may see their rate of site abandonment rise inexplicably when code is too slow on some machines, or external dependencies cause failures. Abandonment due to JS failures is a serious problem, because it cannot be seen (e.g. in the server logs) by the Webmaster, but only inferred -- because all of the action is taking place client-side.

If you are in the business of selling, then it's unwise to make your site depend completely on client-side scripting. All it would take is one widely-publicized zero-day exploit event with internet security companies recommending that JS be disabled, and large numbers of users might disable it -- and then never turn it back on again after the threat abated ("I don't know why all these sites I used to like have quit looking right. Maybe I did something, but I forgot. Oh well, these other sites work correctly.")

Jim

Nice roundup, jd
learned a few things

If you are in the business of selling, then it's unwise to make your site depend completely on client-side scripting. All it would take is one widely-publicized zero-day exploit event with internet security companies recommending that JS be disabled, and large numbers of users might disable it -- and then never turn it back on again after the threat abated

I'm not convinced; for a start, the likelihood of that occurring is really very small, and all the evidence suggests that Joe Home Computer really has not learned to any great degree from past experience; we know that untold millions have no antivirus or firewall; many more fail to update them. And - it seems - close to 100% have no idea how to block simple email spam.

Interesting post - but neither that, nor the lack of other contributions to the thread should inspire any great fear in js users.

Personally, I'm a technophobe, and use very little - turning it off would be pretty much unnoticeable - but I daily visit sites that use it in spades, and my only real issue is those that use it badly! (not too many, thankfully).

I'm particularly interested that no-one has challenged PR's ".001% range", and I suspect the whole 'thing' about non-users (outside of Geekdom) is a bit of a non-issue.

If slaying dragons was that easy, it wouldn't have been "St George and the Dragon"; just plain old George, perhaps even "Don't go on about the dragons, George, they simply don't exist" :)

But I do accept JDM's theoretical risk, and sincerely hope it stays theoretical :)

I've heard of employers blocking JavaScript for all of its employees.

I've heard of employers blocking JavaScript for all of its employees.

To stop them from playing online games and such I would guess?

More likely as a security measure (for example, to prevent cross site scripting attacks).

[edited by: Fotiman at 4:17 pm (utc) on Oct. 2, 2008]

I think you need to consider the percentage of bots vs users and use that to skew the number of people that have it turned off. Any bot or method of requesting data from a site other then in a browser will say there was no JS.

If you have an RSS feed a lot of the requests for it will come with no JS. That doesn't mean people are surfing with it turned off though.

I can answer why I surf with it off.

Sometime I just turn it off and surf. I only do this just to see what some of the sites I use look like with JS turned off. I know some people that use wget to view site content. Don't ask me why, I think it makes them feel geek cool.

I have my default BG set to grey not white just to see how many sites don't set the BG to anything and just assume you have white set as the default. Many sites don't have it defined and so look funny when I go to them.

I do the same with default link styles, I use yellow and green not blue and purple... so many sites don't style them and think I see a white BG, with blue and purple links... when really I see a grey BG with yellow and green links.

To stop them from playing online games and such I would guess?

Most online games are of the Flash format.

My main point about a zero-day attack was not that it was likely. Rather, it was that some of the very same people who don't know how to turn off JS might do it in response to an alert from their anti-virus company, advice from a better-connected, more-technically-oriented friend -- or even an MS security alert. But then, not being technically-oriented and not really knowing or remembering what they'd done, would never ever turn it back on again -- Not until they bought a new computer, or until IE9 came out and happened to reset their browser settings back to default.

A relatively recent Safari-on-iPhone exploit resulted in quite a few on-line recommendations to disable JS, by the way.

However, what I intended to emphasize was the point about fault-tolerance and efficient coding -- Any client-side failures or slow performance due to external dependencies or inefficient code (or just a slow client machine) will be invisible to the Webmaster. So writing tight, efficient code, testing it, and eliminating any possibility of site failure due to external dependencies such as slow or failed ad-servers or external tracking or the associated DNS requests is a "must-do" in my book. Don't do anything client-side that can be done server-side -- Use all the tools, not just the hammer mentioned in my previous. And test, test, test. :)

Jim

Why do people disable javascript?

We have a high percentage of government users, estimate at least 10% browse with javascript disabled. - link [webmasterworld.com]

Previous discussions on this site, values range up to 15%: - link, page 2 [webmasterworld.com]

My daughter is in the military, this also applies to her. When using the bandwidth from the base, Javascript fails by default. She also cannot receive email attachments of any kind, or view video of any kind, all this is squashed at the server level, apparently. recent thread one [webmasterworld.com] and recent thread two [webmasterworld.com]

I cannot locate the post here, I believe it was engine (pr pageoneresults?) who posted a link to a government site that suggested disabling Javascript as one of the key actions in moving toward a safe browsing experience. Combine that with . . .

all the evidence suggests that Joe Home Computer really has not learned to any great degree from past experience...

And for this very reason, people are looking for short, quick answers to BIG complex problems - why am I getting spam, what's with all these pop-ups . . . . and disabling Javascript seems to be the first thing out of a lay-person's mouth when discussing whatever spam or privacy issues they are having.

You can justify ignoring non-javascript users by the numbers, that's all well and good, but it's still a sore spot for many people. IMO it's easier to just implement graceful degradation and give them one less nit to pick. :-)

For me it's not that big a deal. Go into it with the intention that Javascript is an added feature for those that have it enabled, turn it off to test it. It's just another final task you do on project completion, along with validating your pages and other final tests. This covers all the bases and insures that spiders at least have a shot at accessing your content.

Trace's "JavaScript disabled? I don't care!" [pubcon.com] (this time last year) looked at some of the issues, but didn't fully answer the "Why?" question from a user POV.

I saw the thread title and thought, hey, wasn't I just asking about that? Amazing how fast a year goes by.

I don't think I've ever met anyone who disables JS on a routine basis.

Clearly we hang with different crowds!

There's an entire Firefox extension dedicated to nixing JavaScript, called NoScript, which allows people to disable JavaScript everywhere but a few places, and I use it for several reasons:

• Less JavaScript = more secure (paranoia)
  Regardless of whether it's a browser bug, website bug, or just somebody with really obnoxious JavaScript, by enabling JS for only trusted sites I don't have to worry as much.
  
• In general, I don't like webpages that move
  Maybe I'm just an old fuddy-duddy, but there are very few websites I want to interact with. I'm looking for content, and scripts have a habit of getting in the way.

Do I miss out on things? Probably. But I waste enough time already, I don't really need help from YouTube. :)

(I also have a cookie whitelist. It's amazing how many websites break.)

Clearly we hang with different crowds!

That's exactly the point of this thread; I knew that geeks (and geek-ish) people turn JS on and off, and I knew why - the issue for me, is how many people in the real world turn it off, and why? (and Is It A Real Problem?)

Having said that, I have learned a few more (geekish!) issues, and I now have a JS switch on my FF (until now, I didn't know there was an easy way!).

But I have still seen nothing that justifies the frequent comment in other threads:
"What about all the people who have JS turned off" -

Rereading this thread, it appears that misuse of JS is the real problem, while the dangers (to the average punter) are more potential than real.

Most of the real dangers seem to be to the webmaster, who may unknowingly have a non-functioning site, so I suspect a more useful comment would be:
"If you use JS, Get it right, or you'll be losing business".

how many people in the real world turn it off

What, geeks aren't people in the real world?!

Geeks are a lot of things; real world they're not !

"an individual with a passion for computers, to the exclusion of other human interests"

Sorry :(

I have a question, where are people getting the numbers for the JavaScript support turned off or on? Not from GA because it refers to Java and not JavaScript.

pageoneresults,

For years, years, a figure of 8% (users with javascript off) made the rounds constantly and I am unsure of the source of that number.
(Baloney.)

If the comparison is apt - a search for browser usage stats brings up the W3Schools site over and over again and their stats get quoted over and over again.
(Their numbers are either cooked or their visitors are very, very atypical. Those numbers don't come close to reflecting browser share on the net overall.)

I believe it was Samuel Clemens (Mark Twain) who quipped that a rumor can make it halfway around the world while the truth is still putting on its shoes.

The net is the biggest source of misinformation in human history.

And overall, I think quadrille's comments re this topic make the most sense.

And as far as the government and military is concerned, access to all sorts of communication are restricted, no? What is a web developer to do?

I'm not a geek, but I loathe Javascript because I go through daily grief with JS on websites totally freezing up not only the browser when their scripts hang, but the whole computer so that it can't even be turned off without killing the power switch.

So: some people disable Javascript because they don't want Javascript disabling their computer.

Some people who surf with JavaScript turned off have names like GoogleBot and Slurp. There aren't many of them, but they're pretty important visitors.

The numbers for who has JS turned off mostly comes from server log analysis. There is no way of know who has it disabled, but there are ways of knowing who has it enabled.

If the log shows that the scripts (assuming external) are not downloaded, then they're surfing with JS disabled (or otherwise use a browser incapable of JS).

As for reasons -- security is a main reason when it comes to any form of organized behavior (government, military, companies, etc). As for me, I simply keep it turned off to save my sanity. Only trusted sites are trusted with running their scripts. The others I treat with suspicion until proven otherwise. I can generally tell if I'm missing out on something. If not, I'm happy not to bother with it. And, it makes for a faster and more pleasant browsing experience overall.

As someone hinted at -- many site designers abuse JS by making it some form of universal tool. JS is supposed to enhance the user experience, not define it.

JS is supposed to enhance the user experience, not define it.

Substitute almost anything for JS - Flash, autorefresh, audio, etc., etc., - and you're close to a universal truth.

How many webmasters destroy themselves in their obsession with trying (in vain, usually) to control their visitors (read: 'drive their visitors away') ?