this post was submitted on 18 Oct 2023
1 points (100.0% liked)

libre

9821 readers
1 users here now

Welcome to libre

A comm dedicated to the fight for free software with an anti-capitalist perspective.

The struggle for libre computing cannot be disentangled from other forms of socialist reform. One must be willing to reject proprietary software as fiercely as they would reject capitalism. Luckily, we are not alone.

libretion

Resources

  1. Free Software, Free Society provides an excellent primer in the origins and theory around free software and the GNU Project, the pioneers of the Free Software Movement.
  2. Switch to GNU/Linux! If you're still using Windows in $CURRENT_YEAR, flock to Linux Mint!; Apple Silicon users will want to check out Asahi Linux.

Rules

  1. Be on topic: Posts should be about free software and other hacktivst struggles. Topics about general tech news should be in the technology comm or programming comm. That doesn't mean all posts have to be serious though, memes are welcome!
  2. Avoid using misleading terms/speading misinformation: Here's a great article about what those words are. In short, try to avoid parroting common Techbro lingo and topics.
  3. Avoid being confrontational: People are in different stages of liberating their computing, focus on informing rather than accusing. Debatebro nonsense is not tolerated.
  4. All site-wide rules still apply

Artwork

founded 3 years ago
MODERATORS
 

Context

The JavaScript Trap is the idea that webpages have the ability to transmit programs to the user in the form of uncompressed or compressed JavaScript ("ECMAscript") code. Nearly all web browsers with the exception of GNU Icecat will silently evaluate all of this code by default. Not all JavaScript code is malicious or noteworthy to the user, but much of a JavaScript code run today on the client side is nonfree and therefore creates an uneven relationship between the user and the program. Even if the JS code is intended to be Free, only a proof of license and documentation can ensure it will be Free for its users.

LibreJS

Therefore, the LibreJS extension was created for Firefox derived browsers to be able to dynamically block nonfree JavaScript while also permitting free or otherwise trivial JavaScript to be run.

LibreJS can be obtained directly from the GNU Project here, it can also be installed automatically from the Mozilla Addons page here as well as several workaround scripts for some websites here

LibreJS should not be confused with extensions like NoScript which is used to block any and all JavaScript for security purposes (mostly used when browsing the Tor network). LibreJS is concerned with blocking JavaScript on the basis of software freedom, not security (though many security benefits can be achieved by blocking nonfree JS).

LibreJS should also not be confused with something like Greasemonkey which allows users to create and run their own JavaScript or modify existing ones. Greasemonkey is an example of how users can control their own computing in their web browsers by being able to create their own scripts. Websites that block Greasemonkey (websites which will also include proprietary JS) are therefore unjust.

Hexbear

Lemmy itself is released on the AGPLv3 license, therefore all the JavaScript code from the project is Free. However, that doesn't mean that the code sent by hexbear.net to its users is Free. In fact, this code is unique to hexbear.net specifically.

In fact, LibreJS blocks two scripts from Hexbear that gets run when users connect and render the site in their web browser.

  • The hexbear.net script is uncompressed JavaScript code that sets meta tags, styles, themes, and a custom script to presumably do something important (I am not a web engineer evidently).

  • When it's done, it defers to the client.js script. This script is compacted JavaScript code which is unreadable to humans. It starts with this however:

/*! For license information please see client.js.LICENSE.txt */

LibreJS does not recognize this as free JS code, therefore it is blocked as well. This renders the site unusable as users cannot login nor see posts. They can see the site tagline so at least that code is trivial/free. The only solution is to whitelist the site completely.

Request

I ask the web admins of hexbear.net to liberate their JavaScript code so that it passes the LibreJS check. The resources on how to do that can be found below. LibreJS compliance will demonstrate that hexbear.net stands with creating a freer and more inclusive web for all and with the goals of libre software.

¡Viva software libre!

Errata

  • the client.js code is autogenerated by lemmy and has a free license. It has to do more with Lemmy itself rather than being an instance issue. Perhaps a feature request is in order?
  • you can view the client.js license through LibreJS as well, so there's no issue with whitelisting.
no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here