AMP does not allow Javascript for security reasons, since AMP cache is hosted on Google domains
allowing JavaScript would allow you to read google cookies, which is a major security concern
allowing JavaScript would allow you to create identical phishing pages, it is very dangerous
Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
Cookies are data, stored in small text files, on your computer.
When a web server has sent a web page to a browser, the connection is shut down, and the server forgets everything about the user.
When a user visits a web page, his/her name can be stored in a cookie. Next time the user visits the page, the cookie "remembers" his/her name.
google has taken several measures to reduce the dangers, they have limited use of javascript and inability to create identical phishing pages