Your website seems fast enough to you? Are sure that your visitors share the same opinion? Through that question, we intend to talk about the huge differences of web connections among your users… and about the effects about how they will experience your website performance. Continue reading
Cookies are omnipresent all over the web as they let publishers store data directly on the user’s web browser. Especially used to identify the user session allowing the web server to recognize him all along his browsing, cookies usually contain sensitive data. You have to properly protect them. Continue reading
We have announced it a couple months ago: our web performance testing tool now fully supports HTTP/2 and our best practices repository has been updated to handle the particularities of this new protocol. Now, let’s go back to the reasons of HTTP/2 emergence and talk about the major changes this protocol brings, and these old HTTP/1 best practices that we will have to give up! Continue reading
Web performance testing tools like Google Page Speed or Dareboost already pointed it: injecting a script by using document.write instruction causes severe issues about websites loading time. Let’s talk about this topic one more time, as the next Chrome update to come won’t allow such scripts injections any longer. What kind of issues may you experience? Which alternatives to find?
Now that we have seen how CSP can be useful in preventing injections of content within your web pages, let’s have a look on some technical elements about CSP implementation, and a few ideas about the methodology to adopt. Continue reading
Thanks to Content Security Policy, you can protect your website from numerous vulnerabilities concerning content injection. Let’s see why and how to use that simple but powerful HTTP header, now widely supported by web browsers.
You may have already heard about Single Points Of Failure (SPOF), generally dealing with network matters. Did you know that SPOF is also an issue at front-end dev stage? Could you imagine your website to be reliant on Twitter or Facebook’s servers?
About a year ago, I have published an article about HTTPs usage growth: Chrome, Firefox and Google Search: HTTPS forcing its way. In this article I detailed some major announcements, that would probably result in pushing HTTPs forward.
Ever since, requests using HTTPs reach 25% according to HttpArchive data (compared to 15% in April 2015).
In this post, we’re going to focus on today’s results of the previous announcements, on the last changes, and especially on why you should consider HTTPs as a requirement for your website (not only for security or SEO considerations!)