SlideShare uma empresa Scribd logo

Google I/O 2012 - Protecting your user experience while integrating 3rd party code

Transferir como PPTX, PDF
Patrick Meenan
Patrick Meenan

The amount of 3rd-party content included on websites is exploding (social sharing buttons, user tracking, advertising, code libraries, etc). Learn tips and techniques for how best to integrate them into your sites without risking a slower user experience or even your sites becoming unavailable. Video is available here: http://www.youtube.com/watch?v=JB4ulhFFdH4&feature=plcp

TecnologiaNotícias e política
1 de 51
Protecting your User Experience While Integrating 3rd-party Code Patrick Meenan Software Engineer
A simple content page
Feels Like http://youtu.be/HSbHNIvhOFU
The Social Widget
When the widget is Unavailable http://youtu.be/3-zaos02CxI
Because of This: HTML <script src=‘https://apis.google.com/js/plusone.js’></script > Instead of: HTML <script> (function() { var po = document.createElement(‘script’); po.src = ‘https://apis.google.com/js/plusone.js’; var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(po, s); })(); </script> http://www.stevesouders.com/blog/2009/12/01/google-analytics-goes-async/
Loaded Asynchronously http://youtu.be/krin-F65Fd8
Loaded Asynchronously http://youtu.be/krin-F65Fd8
And Monitoring Says… • Server Monitoring Base page responded in 0.160 seconds • Full-Browser Monitoring Page loaded in 25 seconds • Analytics Page Views Loaded and executed asynchronously • Real User Monitoring Performance Reporting No data if user bailed before onLoad
There’s More! On that one page, all before the main content: HTML <script src=‘http://code.jquery.com/jquery-1.7.1.min.js’></script> <script src=‘http://scripts.verticalacuity.com/vat/mon/vt.js’></script> <script src=‘http://ak.sail-horizon.com/scout/v1.js’></script> <script src=‘//cdn.optimizely.com/js/xxxxx.js’></script> <script src=‘https://platform.twitter.com/anywhere.js’></script> <script src=‘http://www.reddit.com/static/button/button1.js’></script> <script src=‘http://widgets.digg.com/buttons.js’></script> <script src=‘//assets.pinterest.com/js/pinit.js’></script> <script src=‘//platform.linkedin.com/in.js’></script> 10
HTTP Archive http://httparchive.org/trends.php
But I’d Notice…. • Globally? – Social sites tend to be targets for blocking • platform.twitter.com • connect.facebook.net • apis.google.com – HTTPS as well • In an Enterprise? – Corporate policies
Back-end vs Front-end Base Page (Back-end) Front-end First Paint
High Availability Server Architectures DNS Read-Only Database Load Balancers App Servers Site 1 Database Master Site 2
All for… Base Page (Back-end)
To the Front End!
Async Snippet Good for code with no dependencies (widgets) HTML <script> (function() { var po = document.createElement(‘script’); po.src = ‘https://apis.google.com/js/plusone.js’; var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(po, s); })(); </script> 17
Put Scripts at the Bottom • Easy to implement and describe • Delays script loading and execution later than Async at the top HTML … <script src=‘//assets.pinterest.com/js/pinit.js’></script> </body> 18
Protocol-relative URLs • Look strange • Safe across all browsers (for Javascript) HTML //ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min .js Instead of: https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jque ry.min.js 19
Async Loaders Help for dependency chaining • Modernizr • LABjs • RequireJS • ControlJS Modernizr.load([{ HTML load: '//ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.js', }, { load: 'needs-jQuery.js' }]); 20
HTML Modernizr.load([ { load: '//ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.js', complete: function () { if ( !window.jQuery ) { Modernizr.load('js/libs/jquery-1.7.1.min.js'); } } }, { load: 'needs-jQuery.js' } ]); 21
Well, Almost… Desktop Browser OnLoad Blocked Mobile Browser OnLoad Blocked Chrome Yes Android 2.x No Firefox Yes Android 4.x Yes Internet Explorer 9- No Chrome Mobile Yes Internet Explorer 10 Yes iOS 4 No Safari 5+ Yes iOS 5 Yes Opera Yes IE Mobile 9 No http://www.browserscope.org/user/tests/table/agt1YS1wcm9maWxlcnINCxIEVGVzdBjrq90MDA 22
How are we doing?
Widgets Async Blocking Google Analytics Google +1 Badge Google +1 Button Twitter Anywhere Twitter Tweet Button Facebook Channel File Example Facebook Like Button Pinterest (end of body) Digg Reditt AddThis ShareThis
Code Libraries (examples) • Jquery: Blocking in the head • Closure Library: Blocking in the head • YUI: Blocking • Dojo: Blocking in the head • Moo Tools: Blocking in the head • Google jsapi: Blocking (default, Async available)
Ad Providers • Doubleclick: Fully Async available (October 2011) • Adsense: Blocking script, ad itself is async • Others: Ask – iFrame solutions are async
Demonstrating Frontend SPOF
Routing to localhost • Fails FAST! (connections rejected) • Not good for real failure scenarios
You Need a Black Hole blackhole.webpagetest.org – 72.66.115.13 hosts file 72.66.115.13 ajax.googleapis.com 72.66.115.13 apis.google.com 72.66.115.13 www.google-analytics.com 72.66.115.13 connect.facebook.net 72.66.115.13 platform.twitter.com ... Courtesy NASA/JPL-Caltech. 29
On WebPagetest.org setDnsName ajax.googleapis.com blackhole.webpagetest.org setDnsName apis.google.com blackhole.webpagetest.org setDnsName www.google-analytics.com blackhole.webpagetest.org setDnsName connect.facebook.net blackhole.webpagetest.org setDnsName platform.twitter.com blackhole.webpagetest.org navigate your.url.com http://www.webpagetest.org/ 30
SPOF-O-Matic
In The Chrome Web Store https://chrome.google.com/webstore/detail/plikhggfbplemddobondkeogomgoodeg https://github.com/pmeenan/spof-o-matic
Normal Operation Gray circle = Boring/Good
SPOF Detected Warning indicator = SPOF Detected
SPOF Details
Amount of page content blocked Near the top = BAD Near the bottom = Better
Whitelisting
Resetting Third Party/White Lists
Turning on Blocking
Blocking Enabled Black Hole Enabled
Resources Blocked Black Hole Used
Pages in the Wild
News* CNN News Article Page HTML <script src=‘http://cache-02.cleanprint.net/cpf/cleanprint?key=cnn’> <script src=‘http://connect.facebook.net/en_US/all.js’> today.msnbc.msn.com HTML <script src=‘http://www.polls.newsvine.com/_elliott/jenga’> <script src=‘http://amch.questionmarket.com/…/randm.js’> <script src=‘http://use.typekit.com/kjy8rxx.js’> ABC News Main Page HTML <script src=‘http://connect.facebook.net/en_US/all.js’> *As of May 2012 43
Blogs/Content* The Verge Article Page HTML <script src=‘http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js’> <script src=‘http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.15/jquery- ui.min.js’> CBS Sports Article Page <script src=‘http://tags.crwdcntrl.net/c/1198/cc_af.js’> HTML <script src=‘//platform.twitter.com/widgets.js’> Tumblr HTML <script src=‘https://www.google.com/recaptcha/api/js/recaptcha_ajax.js’> Cnet.com HTML <script src=‘http://html5shim.googlecode.com/svn/trunk/html5.js’> *As of May 2012 44
Political sites* whitehouse.gov HTML <script src=‘https://www.google.com/recaptcha/api/js/recaptcha_ajax.js’> <script src=‘https://s7.addthis.com/js/250/addthis_widget.js’> democrats.org HTML <script src=‘https://use.typekit.com/wym0ldn.js’> gop.com HTML <script src=‘http://tags.crwdcntrl.net/c/546/cc.js’> *As of May 2012 45
E-Commerce* Newegg Product Page HTML <script src=‘http://assets.pinterest.com/js/pinit.js’> Best Buy Product Page HTML <script src=‘http://bestbuy.ugc.bazaarvoice.com/static/3545w/bvapi.js’> <script src=‘http://platform.twitter.com/widgets.js’> Target HTML <script src=‘http://media.richrelevance.com/rrserver/js/1.0/p13n.js’> Redbox HTML <script src=‘http://connect.facebook.net/en_US/all.js#xfbml=1’> *As of May 2012 46
Homework
Widget Owners • Never EVER provide blocking snippets • All examples should be asynchronous • Do not force HTTPS if it isn't required • Where possible, allow for sites to self-host any critical code
Site Owners • Never load 3rd party resources synchronously – refuse 3rd party code that doesn't have an async option • Do not rely on onload for important functionality • Make sure your monitoring has aggressive time limits (under 20 seconds) • Make sure your real user monitoring has an aggressive timeout • Track real user failures by region
Live Browsing with SPOF-O-Matic
Thank You! pmeenan@webpagetest.org @patmeenan +Patrick Meenan

Recomendados

Preconnect, prefetch, prerender...
Preconnect, prefetch, prerender...Preconnect, prefetch, prerender...
Preconnect, prefetch, prerender...
MilanAryal
 
Progressive Enhancement 2.0 (Conference Agnostic)
Progressive Enhancement 2.0 (Conference Agnostic)Progressive Enhancement 2.0 (Conference Agnostic)
Progressive Enhancement 2.0 (Conference Agnostic)
Nicholas Zakas
 
Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013
Steve Souders
 
Browser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceBrowser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom Menace
Nicholas Zakas
 
Your Script Just Killed My Site
Your Script Just Killed My SiteYour Script Just Killed My Site
Your Script Just Killed My Site
Steve Souders
 
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Nicholas Zakas
 
JavaScript Performance (at SFJS)
JavaScript Performance (at SFJS)JavaScript Performance (at SFJS)
JavaScript Performance (at SFJS)
Steve Souders
 
Progressive Downloads and Rendering - take #2
Progressive Downloads and Rendering - take #2Progressive Downloads and Rendering - take #2
Progressive Downloads and Rendering - take #2
Stoyan Stefanov
 

Recomendados

Preconnect, prefetch, prerender...
Preconnect, prefetch, prerender...Preconnect, prefetch, prerender...
Preconnect, prefetch, prerender...
MilanAryal
 
Progressive Enhancement 2.0 (Conference Agnostic)
Progressive Enhancement 2.0 (Conference Agnostic)Progressive Enhancement 2.0 (Conference Agnostic)
Progressive Enhancement 2.0 (Conference Agnostic)
Nicholas Zakas
 
Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013
Steve Souders
 
Browser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceBrowser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom Menace
Nicholas Zakas
 
Your Script Just Killed My Site
Your Script Just Killed My SiteYour Script Just Killed My Site
Your Script Just Killed My Site
Steve Souders
 
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Nicholas Zakas
 
JavaScript Performance (at SFJS)
JavaScript Performance (at SFJS)JavaScript Performance (at SFJS)
JavaScript Performance (at SFJS)
Steve Souders
 
Progressive Downloads and Rendering - take #2
Progressive Downloads and Rendering - take #2Progressive Downloads and Rendering - take #2
Progressive Downloads and Rendering - take #2
Stoyan Stefanov
 
High Performance Mobile (SF/SV Web Perf)
High Performance Mobile (SF/SV Web Perf)High Performance Mobile (SF/SV Web Perf)
High Performance Mobile (SF/SV Web Perf)
Steve Souders
 
High Performance HTML5 (SF HTML5 UG)
High Performance HTML5 (SF HTML5 UG)High Performance HTML5 (SF HTML5 UG)
High Performance HTML5 (SF HTML5 UG)
Steve Souders
 
Mobile Web Speed Bumps
Mobile Web Speed BumpsMobile Web Speed Bumps
Mobile Web Speed Bumps
Nicholas Zakas
 
Progressive Enhancement
Progressive EnhancementProgressive Enhancement
Progressive Enhancement
Zach Leatherman
 
Frontend SPOF
Frontend SPOFFrontend SPOF
Frontend SPOF
Patrick Meenan
 
Souders WPO Web2.0Expo
Souders WPO Web2.0ExpoSouders WPO Web2.0Expo
Souders WPO Web2.0Expo
guest0b3d92d
 
10 Things Web Designers tend to forget when doing SEO
10 Things Web Designers tend to forget when doing SEO10 Things Web Designers tend to forget when doing SEO
10 Things Web Designers tend to forget when doing SEO
Timon Hartung
 
Real World Web Standards
Real World Web StandardsReal World Web Standards
Real World Web Standards
gleddy
 
Progressive web and the problem of JavaScript
Progressive web and the problem of JavaScriptProgressive web and the problem of JavaScript
Progressive web and the problem of JavaScript
Christian Heilmann
 
Design+Performance
Design+PerformanceDesign+Performance
Design+Performance
Steve Souders
 
Progressive Web Apps - Intro & Learnings
Progressive Web Apps - Intro & LearningsProgressive Web Apps - Intro & Learnings
Progressive Web Apps - Intro & Learnings
Johannes Weber
 
Web Apps and more
Web Apps and moreWeb Apps and more
Web Apps and more
Yan Shi
 
An introduction to juice
An introduction to juice An introduction to juice
An introduction to juice
juiceproject
 
[peachpit] Adaptive Images in Responsive Web Design
[peachpit] Adaptive Images in Responsive Web Design[peachpit] Adaptive Images in Responsive Web Design
[peachpit] Adaptive Images in Responsive Web Design
Christopher Schmitt
 
Nahlédněte za oponu VersionPressu
Nahlédněte za oponu VersionPressuNahlédněte za oponu VersionPressu
Nahlédněte za oponu VersionPressu
Jan Voracek
 
HTML5@电子商务.com
HTML5@电子商务.comHTML5@电子商务.com
HTML5@电子商务.com
kaven yan
 
do u webview?
do u webview?do u webview?
do u webview?
Steve Souders
 
Use Web Skills To Build Mobile Apps
Use Web Skills To Build Mobile AppsUse Web Skills To Build Mobile Apps
Use Web Skills To Build Mobile Apps
Nathan Smith
 
State of the resource timing api
State of the resource timing apiState of the resource timing api
State of the resource timing api
Aaron Peters
 
HTML5 kickstart - Brooklyn Beta workshop 21.10.2010
HTML5 kickstart - Brooklyn Beta workshop 21.10.2010HTML5 kickstart - Brooklyn Beta workshop 21.10.2010
HTML5 kickstart - Brooklyn Beta workshop 21.10.2010
Patrick Lauke
 
TLS - 2016 Velocity Training
TLS - 2016 Velocity TrainingTLS - 2016 Velocity Training
TLS - 2016 Velocity Training
Patrick Meenan
 
An analysis of TLS handshake proxying
An analysis of TLS handshake proxyingAn analysis of TLS handshake proxying
An analysis of TLS handshake proxying
Nick Sullivan
 

Mais conteúdo relacionado

Mais procurados

High Performance Mobile (SF/SV Web Perf)
High Performance Mobile (SF/SV Web Perf)High Performance Mobile (SF/SV Web Perf)
High Performance Mobile (SF/SV Web Perf)
Steve Souders
 
Souders WPO Web2.0Expo
Souders WPO Web2.0ExpoSouders WPO Web2.0Expo
Souders WPO Web2.0Expo
guest0b3d92d
 
Progressive web and the problem of JavaScript
Progressive web and the problem of JavaScriptProgressive web and the problem of JavaScript
Progressive web and the problem of JavaScript
Christian Heilmann
 
[peachpit] Adaptive Images in Responsive Web Design
[peachpit] Adaptive Images in Responsive Web Design[peachpit] Adaptive Images in Responsive Web Design
[peachpit] Adaptive Images in Responsive Web Design
Christopher Schmitt
 
HTML5 kickstart - Brooklyn Beta workshop 21.10.2010
HTML5 kickstart - Brooklyn Beta workshop 21.10.2010HTML5 kickstart - Brooklyn Beta workshop 21.10.2010
HTML5 kickstart - Brooklyn Beta workshop 21.10.2010
Patrick Lauke
 

Mais procurados (20)

High Performance Mobile (SF/SV Web Perf)
High Performance Mobile (SF/SV Web Perf)High Performance Mobile (SF/SV Web Perf)
High Performance Mobile (SF/SV Web Perf)
 
High Performance HTML5 (SF HTML5 UG)
High Performance HTML5 (SF HTML5 UG)High Performance HTML5 (SF HTML5 UG)
High Performance HTML5 (SF HTML5 UG)
 
Mobile Web Speed Bumps
Mobile Web Speed BumpsMobile Web Speed Bumps
Mobile Web Speed Bumps
 
Progressive Enhancement
Progressive EnhancementProgressive Enhancement
Progressive Enhancement
 
Frontend SPOF
Frontend SPOFFrontend SPOF
Frontend SPOF
 
Souders WPO Web2.0Expo
Souders WPO Web2.0ExpoSouders WPO Web2.0Expo
Souders WPO Web2.0Expo
 
10 Things Web Designers tend to forget when doing SEO
10 Things Web Designers tend to forget when doing SEO10 Things Web Designers tend to forget when doing SEO
10 Things Web Designers tend to forget when doing SEO
 
Real World Web Standards
Real World Web StandardsReal World Web Standards
Real World Web Standards
 
Progressive web and the problem of JavaScript
Progressive web and the problem of JavaScriptProgressive web and the problem of JavaScript
Progressive web and the problem of JavaScript
 
Design+Performance
Design+PerformanceDesign+Performance
Design+Performance
 
Progressive Web Apps - Intro & Learnings
Progressive Web Apps - Intro & LearningsProgressive Web Apps - Intro & Learnings
Progressive Web Apps - Intro & Learnings
 
Web Apps and more
Web Apps and moreWeb Apps and more
Web Apps and more
 
An introduction to juice
An introduction to juice An introduction to juice
An introduction to juice
 
[peachpit] Adaptive Images in Responsive Web Design
[peachpit] Adaptive Images in Responsive Web Design[peachpit] Adaptive Images in Responsive Web Design
[peachpit] Adaptive Images in Responsive Web Design
 
Nahlédněte za oponu VersionPressu
Nahlédněte za oponu VersionPressuNahlédněte za oponu VersionPressu
Nahlédněte za oponu VersionPressu
 
HTML5@电子商务.com
HTML5@电子商务.comHTML5@电子商务.com
HTML5@电子商务.com
 
do u webview?
do u webview?do u webview?
do u webview?
 
Use Web Skills To Build Mobile Apps
Use Web Skills To Build Mobile AppsUse Web Skills To Build Mobile Apps
Use Web Skills To Build Mobile Apps
 
State of the resource timing api
State of the resource timing apiState of the resource timing api
State of the resource timing api
 
HTML5 kickstart - Brooklyn Beta workshop 21.10.2010
HTML5 kickstart - Brooklyn Beta workshop 21.10.2010HTML5 kickstart - Brooklyn Beta workshop 21.10.2010
HTML5 kickstart - Brooklyn Beta workshop 21.10.2010
 

Destaque

Hands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetestHands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetest
Patrick Meenan
 
Measuring the visual experience of website performance
Measuring the visual experience of website performanceMeasuring the visual experience of website performance
Measuring the visual experience of website performance
Patrick Meenan
 

Destaque (20)

TLS - 2016 Velocity Training
TLS - 2016 Velocity TrainingTLS - 2016 Velocity Training
TLS - 2016 Velocity Training
 
An analysis of TLS handshake proxying
An analysis of TLS handshake proxyingAn analysis of TLS handshake proxying
An analysis of TLS handshake proxying
 
Zi nginx conf_2015
Zi nginx conf_2015Zi nginx conf_2015
Zi nginx conf_2015
 
Making the web faster
Making the web fasterMaking the web faster
Making the web faster
 
Selecting and deploying automated optimization solutions
Selecting and deploying automated optimization solutionsSelecting and deploying automated optimization solutions
Selecting and deploying automated optimization solutions
 
Velocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youVelocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and you
 
Velocity 2014 nyc WebPagetest private instances
Velocity 2014 nyc WebPagetest private instancesVelocity 2014 nyc WebPagetest private instances
Velocity 2014 nyc WebPagetest private instances
 
Hands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetestHands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetest
 
Measuring the visual experience of website performance
Measuring the visual experience of website performanceMeasuring the visual experience of website performance
Measuring the visual experience of website performance
 
Web Performance Optimization
Web Performance OptimizationWeb Performance Optimization
Web Performance Optimization
 
Service Workers for Performance
Service Workers for PerformanceService Workers for Performance
Service Workers for Performance
 
WebPagetest Power Users - Velocity 2014
WebPagetest Power Users - Velocity 2014WebPagetest Power Users - Velocity 2014
WebPagetest Power Users - Velocity 2014
 
Machine Learning RUM - Velocity 2016
Machine Learning RUM - Velocity 2016Machine Learning RUM - Velocity 2016
Machine Learning RUM - Velocity 2016
 
Tracking Performance - Velocity NYC 2013
Tracking Performance - Velocity NYC 2013Tracking Performance - Velocity NYC 2013
Tracking Performance - Velocity NYC 2013
 
Measuring web performance
Measuring web performanceMeasuring web performance
Measuring web performance
 
Image optimization
Image optimizationImage optimization
Image optimization
 
Web performance testing
Web performance testingWeb performance testing
Web performance testing
 
Service workers - Velocity 2016 Training
Service workers - Velocity 2016 TrainingService workers - Velocity 2016 Training
Service workers - Velocity 2016 Training
 
Scaling Front-End Performance - Velocity 2016
Scaling Front-End Performance - Velocity 2016Scaling Front-End Performance - Velocity 2016
Scaling Front-End Performance - Velocity 2016
 
Velocity 2012 - Taming the Mobile Beast
Velocity 2012 - Taming the Mobile BeastVelocity 2012 - Taming the Mobile Beast
Velocity 2012 - Taming the Mobile Beast
 

Semelhante a Google I/O 2012 - Protecting your user experience while integrating 3rd party code

Build Your Own CMS with Apache Sling
Build Your Own CMS with Apache SlingBuild Your Own CMS with Apache Sling
Build Your Own CMS with Apache Sling
Bob Paulin
 
Web Directions South - Even Faster Web Sites
Web Directions South - Even Faster Web SitesWeb Directions South - Even Faster Web Sites
Web Directions South - Even Faster Web Sites
Steve Souders
 
[convergese] Adaptive Images in Responsive Web Design
[convergese] Adaptive Images in Responsive Web Design[convergese] Adaptive Images in Responsive Web Design
[convergese] Adaptive Images in Responsive Web Design
Christopher Schmitt
 
Widget Summit 2008
Widget Summit 2008Widget Summit 2008
Widget Summit 2008
Volkan Unsal
 
Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013
Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013
Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013
Gustaf Nilsson Kotte
 

Semelhante a Google I/O 2012 - Protecting your user experience while integrating 3rd party code (20)

Developing web applications in 2010
Developing web applications in 2010Developing web applications in 2010
Developing web applications in 2010
 
Front End Development for Back End Java Developers - Jfokus 2020
Front End Development for Back End Java Developers - Jfokus 2020Front End Development for Back End Java Developers - Jfokus 2020
Front End Development for Back End Java Developers - Jfokus 2020
 
Front End Development for Back End Developers - vJUG24 2017
Front End Development for Back End Developers - vJUG24 2017Front End Development for Back End Developers - vJUG24 2017
Front End Development for Back End Developers - vJUG24 2017
 
It is not HTML5. but ... / HTML5ではないサイトからHTML5を考える
It is not HTML5. but ... / HTML5ではないサイトからHTML5を考えるIt is not HTML5. but ... / HTML5ではないサイトからHTML5を考える
It is not HTML5. but ... / HTML5ではないサイトからHTML5を考える
 
JavaScript Performance Patterns
JavaScript Performance PatternsJavaScript Performance Patterns
JavaScript Performance Patterns
 
Build Your Own CMS with Apache Sling
Build Your Own CMS with Apache SlingBuild Your Own CMS with Apache Sling
Build Your Own CMS with Apache Sling
 
JavaScript Perfomance
JavaScript PerfomanceJavaScript Perfomance
JavaScript Perfomance
 
Web Directions South - Even Faster Web Sites
Web Directions South - Even Faster Web SitesWeb Directions South - Even Faster Web Sites
Web Directions South - Even Faster Web Sites
 
[convergese] Adaptive Images in Responsive Web Design
[convergese] Adaptive Images in Responsive Web Design[convergese] Adaptive Images in Responsive Web Design
[convergese] Adaptive Images in Responsive Web Design
 
orcreatehappyusers
orcreatehappyusersorcreatehappyusers
orcreatehappyusers
 
orcreatehappyusers
orcreatehappyusersorcreatehappyusers
orcreatehappyusers
 
Widget Summit 2008
Widget Summit 2008Widget Summit 2008
Widget Summit 2008
 
Taking your Web App for a walk
Taking your Web App for a walkTaking your Web App for a walk
Taking your Web App for a walk
 
Consegi 2010 - Dicas de Desenvolvimento Web com Ruby
Consegi 2010 - Dicas de Desenvolvimento Web com RubyConsegi 2010 - Dicas de Desenvolvimento Web com Ruby
Consegi 2010 - Dicas de Desenvolvimento Web com Ruby
 
High Performance Snippets
High Performance SnippetsHigh Performance Snippets
High Performance Snippets
 
Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013
Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013
Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013
 
Web-Performance
Web-PerformanceWeb-Performance
Web-Performance
 
High-Speed HTML5
High-Speed HTML5High-Speed HTML5
High-Speed HTML5
 
URL Design
URL DesignURL Design
URL Design
 
JavaScript performance patterns
JavaScript performance patternsJavaScript performance patterns
JavaScript performance patterns
 

Mais de Patrick Meenan

Mais de Patrick Meenan (9)

Resource Prioritization
Resource PrioritizationResource Prioritization
Resource Prioritization
 
HTTP/2 Prioritization
HTTP/2 PrioritizationHTTP/2 Prioritization
HTTP/2 Prioritization
 
Getting the most out of WebPageTest
Getting the most out of WebPageTestGetting the most out of WebPageTest
Getting the most out of WebPageTest
 
Http2 in practice
Http2 in practiceHttp2 in practice
Http2 in practice
 
Resource loading, prioritization, HTTP/2 - oh my!
Resource loading, prioritization, HTTP/2 - oh my!Resource loading, prioritization, HTTP/2 - oh my!
Resource loading, prioritization, HTTP/2 - oh my!
 
How fast is it?
How fast is it?How fast is it?
How fast is it?
 
Front-End Single Point of Failure - Velocity 2016 Training
Front-End Single Point of Failure - Velocity 2016 TrainingFront-End Single Point of Failure - Velocity 2016 Training
Front-End Single Point of Failure - Velocity 2016 Training
 
Measuring performance - Velocity 2016 Training
Measuring performance - Velocity 2016 TrainingMeasuring performance - Velocity 2016 Training
Measuring performance - Velocity 2016 Training
 
Mobile web performance - MoDev East
Mobile web performance - MoDev EastMobile web performance - MoDev East
Mobile web performance - MoDev East
 

Último

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Último (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 

Google I/O 2012 - Protecting your user experience while integrating 3rd party code

  • 1. Protecting your User Experience While Integrating 3rd-party Code Patrick Meenan Software Engineer
  • 3. Feels Like http://youtu.be/HSbHNIvhOFU
  • 5. When the widget is Unavailable http://youtu.be/3-zaos02CxI
  • 6. Because of This: HTML <script src=‘https://apis.google.com/js/plusone.js’></script > Instead of: HTML <script> (function() { var po = document.createElement(‘script’); po.src = ‘https://apis.google.com/js/plusone.js’; var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(po, s); })(); </script> http://www.stevesouders.com/blog/2009/12/01/google-analytics-goes-async/
  • 7. Loaded Asynchronously http://youtu.be/krin-F65Fd8
  • 8. Loaded Asynchronously http://youtu.be/krin-F65Fd8
  • 9. And Monitoring Says… • Server Monitoring Base page responded in 0.160 seconds • Full-Browser Monitoring Page loaded in 25 seconds • Analytics Page Views Loaded and executed asynchronously • Real User Monitoring Performance Reporting No data if user bailed before onLoad
  • 10. There’s More! On that one page, all before the main content: HTML <script src=‘http://code.jquery.com/jquery-1.7.1.min.js’></script> <script src=‘http://scripts.verticalacuity.com/vat/mon/vt.js’></script> <script src=‘http://ak.sail-horizon.com/scout/v1.js’></script> <script src=‘//cdn.optimizely.com/js/xxxxx.js’></script> <script src=‘https://platform.twitter.com/anywhere.js’></script> <script src=‘http://www.reddit.com/static/button/button1.js’></script> <script src=‘http://widgets.digg.com/buttons.js’></script> <script src=‘//assets.pinterest.com/js/pinit.js’></script> <script src=‘//platform.linkedin.com/in.js’></script> 10
  • 11. HTTP Archive http://httparchive.org/trends.php
  • 12. But I’d Notice…. • Globally? – Social sites tend to be targets for blocking • platform.twitter.com • connect.facebook.net • apis.google.com – HTTPS as well • In an Enterprise? – Corporate policies
  • 13. Back-end vs Front-end Base Page (Back-end) Front-end First Paint
  • 14. High Availability Server Architectures DNS Read-Only Database Load Balancers App Servers Site 1 Database Master Site 2
  • 15. All for… Base Page (Back-end)
  • 16. To the Front End!
  • 17. Async Snippet Good for code with no dependencies (widgets) HTML <script> (function() { var po = document.createElement(‘script’); po.src = ‘https://apis.google.com/js/plusone.js’; var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(po, s); })(); </script> 17
  • 18. Put Scripts at the Bottom • Easy to implement and describe • Delays script loading and execution later than Async at the top HTML … <script src=‘//assets.pinterest.com/js/pinit.js’></script> </body> 18
  • 19. Protocol-relative URLs • Look strange • Safe across all browsers (for Javascript) HTML //ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min .js Instead of: https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jque ry.min.js 19
  • 20. Async Loaders Help for dependency chaining • Modernizr • LABjs • RequireJS • ControlJS Modernizr.load([{ HTML load: '//ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.js', }, { load: 'needs-jQuery.js' }]); 20
  • 21. HTML Modernizr.load([ { load: '//ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.js', complete: function () { if ( !window.jQuery ) { Modernizr.load('js/libs/jquery-1.7.1.min.js'); } } }, { load: 'needs-jQuery.js' } ]); 21
  • 22. Well, Almost… Desktop Browser OnLoad Blocked Mobile Browser OnLoad Blocked Chrome Yes Android 2.x No Firefox Yes Android 4.x Yes Internet Explorer 9- No Chrome Mobile Yes Internet Explorer 10 Yes iOS 4 No Safari 5+ Yes iOS 5 Yes Opera Yes IE Mobile 9 No http://www.browserscope.org/user/tests/table/agt1YS1wcm9maWxlcnINCxIEVGVzdBjrq90MDA 22
  • 23. How are we doing?
  • 24. Widgets Async Blocking Google Analytics Google +1 Badge Google +1 Button Twitter Anywhere Twitter Tweet Button Facebook Channel File Example Facebook Like Button Pinterest (end of body) Digg Reditt AddThis ShareThis
  • 25. Code Libraries (examples) • Jquery: Blocking in the head • Closure Library: Blocking in the head • YUI: Blocking • Dojo: Blocking in the head • Moo Tools: Blocking in the head • Google jsapi: Blocking (default, Async available)
  • 26. Ad Providers • Doubleclick: Fully Async available (October 2011) • Adsense: Blocking script, ad itself is async • Others: Ask – iFrame solutions are async
  • 28. Routing to localhost • Fails FAST! (connections rejected) • Not good for real failure scenarios
  • 29. You Need a Black Hole blackhole.webpagetest.org – 72.66.115.13 hosts file 72.66.115.13 ajax.googleapis.com 72.66.115.13 apis.google.com 72.66.115.13 www.google-analytics.com 72.66.115.13 connect.facebook.net 72.66.115.13 platform.twitter.com ... Courtesy NASA/JPL-Caltech. 29
  • 30. On WebPagetest.org setDnsName ajax.googleapis.com blackhole.webpagetest.org setDnsName apis.google.com blackhole.webpagetest.org setDnsName www.google-analytics.com blackhole.webpagetest.org setDnsName connect.facebook.net blackhole.webpagetest.org setDnsName platform.twitter.com blackhole.webpagetest.org navigate your.url.com http://www.webpagetest.org/ 30
  • 32. In The Chrome Web Store https://chrome.google.com/webstore/detail/plikhggfbplemddobondkeogomgoodeg https://github.com/pmeenan/spof-o-matic
  • 33. Normal Operation Gray circle = Boring/Good
  • 34. SPOF Detected Warning indicator = SPOF Detected
  • 36. Amount of page content blocked Near the top = BAD Near the bottom = Better
  • 40. Blocking Enabled Black Hole Enabled
  • 41. Resources Blocked Black Hole Used
  • 42. Pages in the Wild
  • 43. News* CNN News Article Page HTML <script src=‘http://cache-02.cleanprint.net/cpf/cleanprint?key=cnn’> <script src=‘http://connect.facebook.net/en_US/all.js’> today.msnbc.msn.com HTML <script src=‘http://www.polls.newsvine.com/_elliott/jenga’> <script src=‘http://amch.questionmarket.com/…/randm.js’> <script src=‘http://use.typekit.com/kjy8rxx.js’> ABC News Main Page HTML <script src=‘http://connect.facebook.net/en_US/all.js’> *As of May 2012 43
  • 44. Blogs/Content* The Verge Article Page HTML <script src=‘http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js’> <script src=‘http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.15/jquery- ui.min.js’> CBS Sports Article Page <script src=‘http://tags.crwdcntrl.net/c/1198/cc_af.js’> HTML <script src=‘//platform.twitter.com/widgets.js’> Tumblr HTML <script src=‘https://www.google.com/recaptcha/api/js/recaptcha_ajax.js’> Cnet.com HTML <script src=‘http://html5shim.googlecode.com/svn/trunk/html5.js’> *As of May 2012 44
  • 45. Political sites* whitehouse.gov HTML <script src=‘https://www.google.com/recaptcha/api/js/recaptcha_ajax.js’> <script src=‘https://s7.addthis.com/js/250/addthis_widget.js’> democrats.org HTML <script src=‘https://use.typekit.com/wym0ldn.js’> gop.com HTML <script src=‘http://tags.crwdcntrl.net/c/546/cc.js’> *As of May 2012 45
  • 46. E-Commerce* Newegg Product Page HTML <script src=‘http://assets.pinterest.com/js/pinit.js’> Best Buy Product Page HTML <script src=‘http://bestbuy.ugc.bazaarvoice.com/static/3545w/bvapi.js’> <script src=‘http://platform.twitter.com/widgets.js’> Target HTML <script src=‘http://media.richrelevance.com/rrserver/js/1.0/p13n.js’> Redbox HTML <script src=‘http://connect.facebook.net/en_US/all.js#xfbml=1’> *As of May 2012 46
  • 48. Widget Owners • Never EVER provide blocking snippets • All examples should be asynchronous • Do not force HTTPS if it isn't required • Where possible, allow for sites to self-host any critical code
  • 49. Site Owners • Never load 3rd party resources synchronously – refuse 3rd party code that doesn't have an async option • Do not rely on onload for important functionality • Make sure your monitoring has aggressive time limits (under 20 seconds) • Make sure your real user monitoring has an aggressive timeout • Track real user failures by region
  • 50. Live Browsing with SPOF-O-Matic