@craigmaloney This is why I use NoScript and block JS by default. Many sites work fine without JS (some work better!), and I can enable JS on a domain-by-domain basis as needed.
There are a billion ways advertisers can uniquely fingerprint your browser, and most of those techniques rely on JS. Things like font enumeration, history enumeration, this new password manager hack, etc.
Sadly, it's the only secure way to use the web now.