With step-by-step in­struc­tions, we’ll explain how to disable JavaScript in Mozilla Firefox, Google Chrome and Microsoft Edge. We’ll also take a look at different security risks as­so­ci­at­ed with disabling the scripting language.

How do you disable JavaScript in browsers?

All popular web browsers offer the pos­si­bil­i­ty to disable JavaScript. The location of this feature varies from browser to browser. We’ll explain below how to disable JavaScript in Mozilla Firefox, Google Chrome and Microsoft Edge. All it takes is just a few clicks.

How to disable JavaScript in Firefox

If you want to disable JavaScript in Firefox, you need to use the con­fig­u­ra­tion editor. While prior to version 23, users could disable JavaScript in the browser settings, this option is no longer available. To disable JavaScript in Firefox, follow the steps below:

Step 1: Enter about:config in the address line and press Enter.

Step 2: If you are opening the con­fig­u­ra­tion editor for the first time, Firefox will show the following warning before redi­rect­ing you. Click Accept the Risk and Continue to access the con­fig­u­ra­tion settings.

Image: Warning that appears when opening the Firefox configuration editor
Warning: If you make changes to the Firefox con­fig­u­ra­tion editor, the warranty provided by the browser may no longer be valid.
Tip

If you don’t want to receive this warning every time you access the con­fig­u­ra­tion editor, simply remove the check mark next to Warn me when I attempt to access these pref­er­ences.

Step 3: Enter javascript.enabled into the con­fig­u­ra­tion editor search bar. Firefox will au­to­mat­i­cal­ly filter the line you want from the rest of the settings. Click on the toggle switch to change the value of the setting from true to false.

Image: Firefox setting “javascript.enabled”
You can adjust values in the Firefox con­fig­u­ra­tion editor using the toggle switch. Al­ter­na­tive­ly, you can also double-click on a setting to change its value.
Note

If you decide you want JavaScript enabled in Firefox again, click on the toggle switch once more to re-enable the scripts.

How to disable JavaScript in Chrome

Google Chrome users can manage JavaScript options directly in their browser settings.

Step 1: Click on the menu icon (three points) in the upper right corner of your browser window and select Settings to open the browser settings.

Image: Google Chrome menu
You can find the settings for the browser in the main menu of Chrome.

Step 2: Click on Privacy and security in the menu on the left and then on Site settings.

Image: Google Chrome: Site settings
In Google Chrome, site settings are located in the Privacy and Security menu.

Step 3: Scroll down to the section labeled Content and then click on JavaScript.

Image: Google Chrome: Content settings
Google Chrome: Content settings

Step 4: In Chrome, JavaScript is au­to­mat­i­cal­ly enabled. If you to want to disable JavaScript for all websites, choose the option Don’t allow sites to use JavaScript. You also have the option to disable or enable JavaScript for certain sites in the section labeled Cus­tomized behaviors.

Image: Google Chrome: JavaScript settings
In Chrome’s JavaScript settings, you can manage block and allow lists for JavaScript.
Tip

Find out how to enable JavaScript in Google Chrome in our Digital Guide.

How to disable JavaScript in Microsoft Edge

Microsoft offers Edge users the option to stop the client-side execution of scripts. You can disable JavaScript in the Edge browser settings by following the steps below:

Step 1: Go to the general menu of Edge (three-dot icon) and select the menu item Settings.

Image: Microsoft Edge: Settings button
Microsoft Edge: Settings button in the browser’s general menu

Step 2: In the left sidebar menu, click on Cookies and Site Per­mis­sions and scroll down to the All Per­mis­sions section. Here, you’ll find the entry JavaScript. Select this option.

Image: JavaScript menu item in Edge
In the Cookies and Site Per­mis­sions menu, you can define a variety of per­mis­sions such as allowing JavaScript, location access and mi­cro­phone access.

Step 3: Move the toggle switch in the Allowed (rec­om­mend­ed) line to the left to disable JavaScript in Edge. You can also enable or disable the scripting language for in­di­vid­ual websites by creating an entry in the allow list (to enable) or block list (to disable).

Image: Edge: Disable JavaScript
You can disable JavaScript in Edge by moving the toggle switch to the left.
Tip

Find out how to enable JavaScript in Microsoft Edge so you can turn the scripting language back on whenever you want.

What effect does disabling JavaScript have on websites?

Before you disable JavaScript in your web browser, you should be aware of the con­se­quences. According to w3techs.com, ap­prox­i­mate­ly 99% of web pages on the internet use the scripting language. Often, these pages can only be displayed correctly if your web browser is able to process JavaScript.

It’s also important to keep in mind that not all websites have al­ter­na­tive versions that can function without scripts. If you disable JavaScript, you run the risk of missing out on essential content.

Tip

An al­ter­na­tive to disabling JavaScript in the browser is browser ex­ten­sions that restrict the client-side execution of scripts according to user-defined rules. The market leader in this area is the open-source Firefox plugin NoScript.

What risks does JavaScript pose?

Alongside HTML and CSS, JavaScript is one of the standard tech­nolo­gies of the web. Client-side pro­gram­ming is in­dis­pens­able in modern web de­vel­op­ment and can be found every­where on the internet. However, it’s important to be aware of the risks as­so­ci­at­ed with JavaScript.

Note

Aside from their names, Java and JavaScript have little in common. They are two distinct pro­gram­ming languages, with each one offering ways to execute code on the client side in the browser. The sim­i­lar­i­ty in their names is a result of marketing strate­gies.

In essence, JavaScript is a pro­gram­ming language with very limited per­mis­sions. The scripting language allows you to:

  • ma­nip­u­late your current browser window using DOM (Document Object Model)
  • open new browser or dialog windows
  • animate, show, hide or modify page elements
  • validate input values
  • load Ajax content
  • transmit in­for­ma­tion about the user’s reading habits and browsing ac­tiv­i­ties to other websites

JavaScript only has access to users’ cookies and other data storage that is des­ig­nat­ed for websites. JavaScript does not have access to users’ hard drives, so it is unable to call libraries or launch ad­di­tion­al programs on the computer. These lim­i­ta­tions are enforced by the sandbox principle, which confines the impact of scripts to the browser window where JavaScript is being executed.

Despite these lim­i­ta­tions, JavaScript can still be ma­nip­u­lat­ed. The scripting language can be misused to:

  • extract in­for­ma­tion about the browser or operating system in order to track user behavior or exploit security vul­ner­a­bil­i­ties (such as outdated plugins)
  • open numerous pop-up windows to overwhelm a user’s computer (known as Denial of Service, or DoS)
  • conceal malicious code
  • mimic websites from trusted providers as part of a phishing attack

In addition, pro­gram­ming errors may only become apparent when a script is executed on a user’s computer.

The primary security risk, however, has less to do with the scripting language itself and more with the specific JavaScript in­ter­preter used within a browser. If an in­ter­preter contains flaws, this can lead to security vul­ner­a­bil­i­ties that need to be dealt with quickly. Only by doing so, can you be sure that scripts are operating in isolation in a sandbox en­vi­ron­ment and aren’t able to impact other programs or the core system.

Note

Cross-Site-Scripting (XSS) is a type of cy­ber­at­tack where hackers exploit security flaws in ap­pli­ca­tions by injecting malicious code into client-side executed scripts. Read more about this type of attack in our Digital Guide.

Go to Main Menu