We all know that Javascript is not commonly associated with security. But Javascript is required to ensure proper client-side encryption of your messages. Without scripting it is not possible to keep your message secret, because someone else would have to carry out encryption for you.
Why Javascript?
Your note should be secret to you and the recipient, right? Your note is secret as long as only you and your recipient have its encryption key. And here we need Javascript: Browser-side scripting is the only way to keep the encryption key in your browser - without scripting, the server would have to carry out encryption (and therefore need the encryption key). But if the server would get the encryption key, he could (in theory) decrypt and read your secret note, and you wouldn't even notice. But with javascript, your note is safe even from rogue servers, because your encryption key is never sent.
Read more in the F.A.Q