It wouldn’t even have to be a “suspicious” page. Regular sites get hijacked or get code injected into them all the time. How are security-conscious organizations and users going to respond to this news? I suspect that we’ll see a higher rate of users who have either turned JS off, or have had it turned off for them. We may not be able to rely on it as much as we have been lately.