uBlock Origin gets option to block all JavaScript execution by default

New ad blocker update boosts users' privacy and security with JS execution master switch.
Written by Catalin Cimpanu, Contributor

uBlock Origin, one of the most popular ad blockers today, has released an update over the weekend that adds an option to block JavaScript (JS) execution on a page altogether.

What this means is that the ad blocker will skip the execution of any JavaScript files on a page, and only load the page's HTML and CSS code.

This new setting is important because of several reasons. First off, it's important for the sake of security. Malvertising campaigns, traffic hijackers, and exploit kits heavily rely on JavaScript code to do their dirty deeds. Blocking JavaScript execution results in an immediate boost to a users' security, as none of that code will be able to execute.

Also: Russian election hacking hits a bump, but it's still going on CNET

Second, while online advertisers always have a non-JS version of their ads, using uBlock Origin to block JavaScript execution also prevents the execution of the tracking code that usually comes with modern ads.

Third, disabling JS execution also prevents other forms of tracking scripts, such as those used by social media companies, traffic analytics tools, and other online services that uBlock Origin might have missed via its normal blacklist.

Also: Google secretly logs users into Chrome whenever they log into a Google site

This new uBlock Origin feature has been added to version 1.17.0, released on Sunday, September 23. It's in the form of a master switch that appears in the uBlock Origin popup panel.


The red cross in the image above means uBlock Origin is blocking JavaScript execution for that particular site. For users who want to disable JavaScript execution globally, for all sites, there's also a checkbox in the extension's options page.


uBlock Origin is bound to get a lot of new users with this update. In the early days of the Internet and up until the early 2010s, browsers came with options to disable JavaScript execution.

As the JavaScript standard developed and its features and adoption grew, it became an important part of the modern internet ecosystem and an essential part of all websites.

One by one, almost all major browsers removed the ability to disable JavaScript execution via their user interface and relegated this option to hidden configuration screens.

But in a world of intrusive advertising and in-browser cryptocurrency miners, disabling JavaScript has once again become popular among security-conscious users.

Also: How the tech behind the creepy ads that follow you around the internet works TechRepublic

Furthermore, disabling JavaScript is not as intrusive as it once was. While in the 2000s and early 2010s disabling JavaScript meant crippling a site's visual appearance, nowadays most major websites are coded with a "noscript" tag that describes how a website should look when JavaScript fails to load.

This "noscript" version of websites is what uBlock Origin 1.17.0 users will be seeing when they enable the ad blocker's JS blocking function.

These are 2018's biggest hacks, leaks, and data breaches

Previous and related coverage:

What is malware? Everything you need to know

Cyber attacks and malware are one of the biggest threats on the internet. Learn about the different types of malware - and how to avoid falling victim to attacks.

Security 101: Here's how to keep your data private, step by step

This simple advice will help to protect you against hackers and government surveillance.

VPN services 2018: The ultimate guide to protecting your data on the internet

Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.

Five computer security questions you must be able to answer right now

If you can't answer these basic questions, your security could be at risk.

Critical infrastructure will have to operate if there's malware on it or not

Retired US Air Force cyber-security expert shares his thoughts on the future of critical infrastructure security.

Ordinary Wi-Fi devices can be used to detect suspicious luggage, bombs, weapons

Researchers turn ordinary WiFi devices in rudimentary scanners that can identify potentially dangerous objects hidden inside bags or luggage.

Related stories:

Editorial standards