why does AMP not allow javascript

accelerated mobile pages

AMP does not allow Javascript for security reasons, since AMP cache is hosted on Google domains

allowing JavaScript would allow you to read google cookies, which is a major security concern

malicious things you could do

malicious things you could do

create identical phishing pages

allowing JavaScript would allow you to create identical phishing pages, it is very dangerous

phishing pages

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

read google cookies

Cookies are data, stored in small text files, on your computer.

When a web server has sent a web page to a browser, the connection is shut down, and the server forgets everything about the user.

javascript cookies

When a user visits a web page, his/her name can be stored in a cookie. Next time the user visits the page, the cookie "remembers" his/her name.


google has taken several measures to reduce the dangers, they have limited use of javascript and inability to create identical phishing pages

amp phishing


AMP official site

AMP official site