I think replacing it with something else is the wrong way of looking at it. We should not encourage any “perceived safe” way of allowing others to execute code on our machine in a drive by fashion.
With Adrian Cochrane (the author of Odisseus Web Browser) and a couple other guys, we are brainstorming on the principles that should drive the design and development of a better web (in no order… sorry):
Unfortunately the mastodon ui is not great for brainstorming.
The idea is to go back to a JS-free web, with an better designed markup to support cool HyperTexts but not applications.
That is, forums but not chats.
We are still brainstorming, but you are welcome to join.
It’s also worth noting that artical does not presume there’s a “safe” way to allow others to execute code on our computers. We really just have to trust the developers.
The suggestions from the artical (to sum it up) are basically to 1) make link targets more powerful and 2) allow CSS to be made conditional on the presence of another selector.
I find these suggestions very intriguing and should be more than enough to, say, recreate this site’s interface, though it would be a little heavier on the server. Which could probably be fixed without reintroducing clientside scripting.