i'm not a "parasite" for having a personal threat model - i'm a person with a double digit number of browser CVEs, and i think it makes sense to take extra precautions because of that
and like, noscript doesn't mean you can't run javascript - it just means you have to consent to it, just like it was in the past with flash and java applets
your argument kind of assumes noscript users never run javascript, which is false
> i'm not a "parasite" for having a personal threat model
Of course not. You're a parasite because if everyone had your "personal threat model"[1] it would kill the platform you're using and you wouldn't even have the option of noscript. I think the metaphor is apt and I stand by it.
[1] FWIW, this conflation of legitimate security jargon with what amounts to wanting more settings tunables in your app is sort of a bad smell. It seems insincere, honestly.
i guess we can all tell who works for ad-tech!
seriously though, some of us have been using the web longer than JS has existed, and it works fine without it.
i personally just updated my purpose-built (for SEO and other non-JS contexts) router for React, which now lets one curl a page and you can see all the text contents you want and even has low quality image placeholders. so you can view the whole page with no-JS. it really isn't very hard to support!