I like how preacher knows nothing ^_^, that's cool. Basically this ended up being a vulnerability with the potential to be exploited with severity, but has not been done so yet by any skiddie tool. Yall should be ok then eh?

Do you mean you have javascript turned off?
So the browser does load and run the javascript. If it sees a <script> tag with javascript, it will not read (at least I don't think it'll read) and certainly should not execute it after JS is turned off.