Script
What is a script?
A script is a sequence of instructions that can be executed by a computer or programming language. A script is a common type of computer program, its defining characteristic being that it does not have to be compiled in advance of being run. It’s interpreted and executed in real time.
Software programs are written in a language that then has to be compiled, or translated, into a machine language that the computer will understand. In this process, the computer only receives the machine language version. Both scripts and “traditional” computer programs work this way. The main difference between the two is when this compiling happens: Scripts are delivered to the “client” (the computer or browser) as text and immediately compiled, before being executed. Whereas traditional programs are compiled in advance, and delivered to the client in compiled form.
Most websites are written partially as scripts. These scripts execute in the browser, allowing the website to react to what the user clicks on, scrolls to, etc. For example, when a website reports that a new password isn’t long enough or doesn’t contain the right special characters, a script is running.
There are many scripting languages, including JavaScript and Python. These scripting languages can be used in a variety of situations, and run on either a server or a client.
What is the purpose of a script?
Scripts have many uses. A script may be a simple standalone program, such as a short batch job of a few lines of commands that compiles a program, or runs automated tasks. A script can also operate within a larger program, for example when a website script written in JavaScript runs within your browser, or when a compiled application uses a script to retrieve or post data. A script is also a fast, accessible way to build a prototype before proceeding to full program development.
Why are scripting languages so popular?
Scripts are relatively easy to work with, and often faster to learn than a compiled language. They’re handy when a compiled program isn’t necessary, and developers want to be able to make quick changes to an app. Scripts are popular for developing third-party add-ons (such as for gaming), since they are readily shared with other programmers.
Are Web scripts a threat?
Web scripting allows the content a site provides to change dynamically based on your actions, giving you a more personalized interaction with the site.
Unfortunately, scripts can also be used for dishonest purposes. There are scripts intended from the outset to be malicious, perhaps to gather personal information. Malicious scripts are often found on fraudulent sites, like a phishing site (reelcompany.com) that looks very similar to a legitimate site (realcompany.com).
Sometimes a “good” script can get hacked. There are many online forums where developers share blocks of code that perform common, everyday tasks. Using pre-written code from this kind of library can be helpful and time saving, but the code may have been altered to contain malicious code. If the developer fails to notice the malicious code, they may inadvertently introduce it into a script or program that your device uses.
Sometimes a script may be on a legitimate site and work exactly as intended, but still be undesirable. Such scripts can be used for tracking and fingerprinting, collecting information about you or your online activity.
In general, scripts work in the background, so you won’t know that a script is doing something you don’t want it to.
Should I disable scripts in my browser?
As a rule, this isn’t a good idea. If you select the “disable scripts” option in your browser settings, you may find that very few websites will function. Most websites today use at least some scripting to enhance your browsing. Disabling scripts may break the site.
How can I protect myself from unwanted scripts?
A better approach to protecting yourself is to use a browser that blocks harmful scripts. Brave’s Shields feature, for example, does this by default. It uses filter lists to identify (and protect against) malicious scripts.
It’s also good to only visit trusted sites or apps. Developers have a responsibility to provide safe code for their users. Developers can do so by developing in-house (as opposed to outsourcing or reusing code), securing and maintaining internal code libraries, using only trusted external libraries, and reviewing code brought in from external libraries.