JavaScript (JS) is a popular scripting language that becomes very useful when enhancing a website, an entire website shouldn’t rely totally on JS due to the following:

• Structure can become lost and the site may be harder to maintain. Separation between HTML and your logic is a must.
• Screen-readers & Crawlers don’t execute JS, this can be a loss for SEO.
• Source code that is accessible for anyone to view can create security risks. Hackers or even bots can attempt to exploit the code in a much easier fashion. XSS & CSRF are two of the basics that should be looked at in depth.
• All in all if i’m a security obsessed user running without JS I won’t be able to use the site. How likely is this really? The option is available in browsers so you must take this into consideration when building a site.
• Bigger corporations (Optus, Telstra), schools, governments tend to run browsers with JS disabled to prevent exploits and malicious software from running. If your target market works 5 days a week and can’t access the site at work you will lose those users.

While server side JS has been available since early 1996 it hasn’t been formally maintained, more of a focus was put on the client-server side. More and more alternatives are coming out allowing JS to be used server side, such as the ever popular “node.js“. This has it’s downsides as well:

• Limited communities supporting.
• Limited frameworks available. Not following an MVC structure for a large scale website written in something like node.js. Yeah have fun maintaining that.
• Server support for things like Daemons to keep node.js running are non existent although many people have valid work arounds.

Given a few more years I could easily see JS as the new Ruby, at this stage I don’t see it being secure enough.