Rethink javascript warning

[micahflee]

Tor Browser 4.5 (and Tails 1.4) include much more fine-grained security settings than before. Rather than telling users to disable js using NoScript, I think it makes more sense to tell them to adjust to a more secure setting -- either High or Medium-High.

[Taipo]

Makes sense.

[garrettr]

Agreed, although NoScript still works for now (in current release TB 4.5.1) so I don't think it is urgent to make this change. The protection from the Security Slider is more holistic, so it would be good to switch over eventually.

Note that the "High" security setting breaks our cute icon fonts (via Font Awesome), probably due to "some font rendering features are disabled". The breakage looks bad/sketchy. We should look into this more before recommending people switch the Security Level to "High". There are no issues on "Medium-High".

[psivesely]

Medium-High does not block JavaScript on non-HTTPS webpages. It would be best to figure out a different icon solution, so the page loads properly under High. I agree it looks sketchy and could potentially turn a source away with the breakage should so that should be fixed before switching this instruction.

Also, users should be encouraged to reset their identity via Torbutton after switching to the High setting.

[micahflee]

It should be easy enough to replace the Font Awesome icons with images, instead of characters in a font. We only use a handful of them anyway.

[psivesely]

Should be noted this also breaks icons on the SecureDrop website and ReadTheDocs.