FSF asks web devs to ID JavaScript code

"JavaScript Trap" escape plan leaves something to be desired

The Free Software Foundation (FSF) is promoting a new program that asks web developers to insert license tags within JavaScript instances so that web page visitors will be able to more easily identify non-free JavaScript content and thus avoid what FSF President Richard M. Stallman called in 2009 "the JavaScript trap."

The new solution FSF has proposed JavaScript License Web Labels, a format with which web designers can stick licensing information that can be human or machine read and will indicate what license permissions are available on that particular page.

Basically, the idea is to create a single page on your site that contains a table with the standard attribute

id="jslicense-labels1"
. The table will have just three cells in each row, which will list, respectively, the JavaScript file, the license information about the file, and a link to the source code for the JavaScript, if applicable. This standard format will make it easier for automated tools to read the content of the site and act on the user's preferences.

This is not, obviously, a new idea--this particular solution is a tweak on the original proposals made in 2009 when Stallman first highlighted what he deems a serious problem within the Internet ecosystem. At that time, Stallman pointed out that JavaScript was no longer a trivial part of web technology and that he believed that non-free JavaScript code on a web site was just as dangerous to a user's freedoms as native proprietary software.

By more prominently identifying the license(s) for JavaScript code, the FSF reasons, users can choose to avoid pages with non-free code, or more easily identify code under the GNU General Public License or Affero GPL (a copyleft license more suited for web services) that a site visitor can use or modify for their own purposes.

The JavaScript License Web Labels program sounds good on paper, but from a practical and philosophical standpoint, I am not sure this is such a good idea.

First, the practical: if a developer has made a conscious decision to select a non-copyleft license, participating in this program would seem to be a bit counterproductive. A lot of savvy users turn off JavaScript functionality just on general security and philosophical principles already… why would a developer seek to further discourage users from visiting a site? I just don't see that happening.

There is also the problem of the one-more-thing scenario. Rightly or wrongly, the GPL and copyleft family of licenses are being perceived as a hassle to deal with, while permissive open source licenses do not seem to have this stigma. This is not a statement of agreement with that assertion, but there is no denying that FUD or no, this is a problem for the restrictive copyleft licenses. This program, while not really arduous by itself, is just one more thing that potential free software developers would have to contend with.

Obviously, those dedicated to free software principles will have no problems participating in this program. But that's just preaching to the choir, isn't it? The FSF needs to reach out to those developers who are not using free software and convince them that it's a good idea to use copyleft licenses, and this web label program isn't really it.

Instead, these web labels seem to be taking an self-punitive approach: put these labels on and watch all your free-software-loving visitors leave your site. Or switch to free software. Yeah, that'll win over web developers.

The philosophical concern I have with this program is that it doesn't address (again) the education gap. The FSF is correct in saying that people are using non-free software all of the time, but that means absolutely nothing to the average web site visitor, who may not even understand the dynamic technology that's running right before their eyes, let alone any back-end scripts that might be phoning home or performing some other nefarious function.

The FSF is presuming that if it's copyleft-licensed, than by definition that software is automatically Good. The contention is that since the code is free to see, then no one can get away with anything. Most users won't know "Good" software from "Bad," even if the source code were shown to them. Source code availability does lend more transparency to the process and makes it less likely that free JavaScript would try something funny, but it is not a cure-all.

Nor, for that matter, is open source software, which the FSF takes great pains not to acknowledge, but still provides a measure of transparency.

Users need to be educated on how web-enabled software works in the most basic terms before such a program could really be useful for the general community. Then they would know what to watch out for. But, since most users are oblivious to even why they should learn how the web works, this is going to be a very hard row to hoe.

The JavaScript trap may be a genuine concern, but for this program to succeed, web developers will need more incentive to license their JavaScript files as free software to begin with. With the threat of less visitors, proprietary and open source developers will have little reason to participate in such a labeling program.

Read more of Brian Proffitt's Zettatag and Open for Discussion blogs and follow the latest IT news at ITworld. Drop Brian a line or follow Brian on Twitter at @TheTechScribe. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.

What’s wrong? The new clean desk test
Join the discussion
Be the first to comment on this article. Our Commenting Policies