Ah, I’m not speaking about JavaScript within the content of wikipedia as you are.

I’m referring to the use of JavaScript in general in the building of web apps themselves. My comment is the same about 2FA.

I’m making these comments from the general perspective because I see it as a security risk when front end scriptability and app logic are more available than say server side apps.

Hope that clarifies my comments.