Comments on: Keeping third party JavaScript from slowing down your site http://www.jaisenmathai.com/blog/2008/05/31/keeping-third-party-javascript-from-slowing-down-your-site/ A blog about killer code Thu, 04 Dec 2008 21:16:29 +0000 http://wordpress.org/?v=2.6.3 By: Chris Blow http://www.jaisenmathai.com/blog/2008/05/31/keeping-third-party-javascript-from-slowing-down-your-site/#comment-190 Chris Blow Mon, 02 Jun 2008 06:51:05 +0000 http://www.jaisenmathai.com/blog/?p=29#comment-190 @joey: the js is dynamically written from the server, so you need a "live" connection to the third party. But WRT the security issue, you are right on to raise the issue: it was just a few months ago that perl.com was hacked because one of their ad partners (read: remote js) had their domain name expire! .... When was the last time you checked your "content partner's" registration expiry? :) @joey: the js is dynamically written from the server, so you need a “live” connection to the third party.

But WRT the security issue, you are right on to raise the issue: it was just a few months ago that perl.com was hacked because one of their ad partners (read: remote js) had their domain name expire! ….

When was the last time you checked your
“content partner’s” registration expiry? :)

]]> By: Joey Mazzarelli http://www.jaisenmathai.com/blog/2008/05/31/keeping-third-party-javascript-from-slowing-down-your-site/#comment-189 Joey Mazzarelli Sun, 01 Jun 2008 22:52:22 +0000 http://www.jaisenmathai.com/blog/?p=29#comment-189 Have you considered the security aspect of directly including 3rd-party scripts? You are effectively giving them the ability to steal cookies, alter the behavior of your site, read user data, etc. It requires little effort to make a local copy of the script and use that one instead. And you don't have to worry bad behavior (malicious or accidental) nor updates breaking your site. Just a thought. Have you considered the security aspect of directly including 3rd-party scripts? You are effectively giving them the ability to steal cookies, alter the behavior of your site, read user data, etc.

It requires little effort to make a local copy of the script and use that one instead. And you don’t have to worry bad behavior (malicious or accidental) nor updates breaking your site.

Just a thought.

]]> By: Peter Michaux http://www.jaisenmathai.com/blog/2008/05/31/keeping-third-party-javascript-from-slowing-down-your-site/#comment-187 Peter Michaux Sat, 31 May 2008 21:48:20 +0000 http://www.jaisenmathai.com/blog/?p=29#comment-187 I don't think using a central source for common JavaScript libraries is such a great idea. At least not in all cases. I don't think I would use such a source. http://peter.michaux.ca/article/7906 These startups you mention don't want you to think about the possible costs. That would discourage adoption. I don’t think using a central source for common JavaScript libraries is such a great idea. At least not in all cases. I don’t think I would use such a source.

http://peter.michaux.ca/article/7906

These startups you mention don’t want you to think about the possible costs. That would discourage adoption.

]]> By: jaisen http://www.jaisenmathai.com/blog/2008/05/31/keeping-third-party-javascript-from-slowing-down-your-site/#comment-186 jaisen Sat, 31 May 2008 21:43:20 +0000 http://www.jaisenmathai.com/blog/?p=29#comment-186 @Peter, the google hosted js libs are a great idea. Google's infrastructure is as reliable and fast as you can expect from a third party. My main concern is that startups while providing great services don't have infrastructure that's as reliable as one might expect. So if you *must* include their scripts it should become a standard practice to minimize your dependency on them. I would like for these startups to address this issue instead of just giving you a script tag to paste into your site without thinking of the possible cost. @Peter, the google hosted js libs are a great idea. Google’s infrastructure is as reliable and fast as you can expect from a third party.

My main concern is that startups while providing great services don’t have infrastructure that’s as reliable as one might expect. So if you *must* include their scripts it should become a standard practice to minimize your dependency on them.

I would like for these startups to address this issue instead of just giving you a script tag to paste into your site without thinking of the possible cost.

]]> By: Peter Michaux http://www.jaisenmathai.com/blog/2008/05/31/keeping-third-party-javascript-from-slowing-down-your-site/#comment-185 Peter Michaux Sat, 31 May 2008 21:38:06 +0000 http://www.jaisenmathai.com/blog/?p=29#comment-185 You could use this technique even for your own JavaScript files. Some people do. There may be a trend to start using more JavaScript files from third-party servers. http://ajaxian.com/archives/announcing-ajax-libraries-api-speed-up-your-ajax-apps-with-googles-infrastructure I think the JavaScript files in mashups slow things down because there is database interaction to dynamically generate that JavaScript. The part that the JavaScript is from another server is probably not what makes the page painfully slow to finish loading. It may make it slower however as extra connections need to be made. You could use this technique even for your own JavaScript files. Some people do.

There may be a trend to start using more JavaScript files from third-party servers.

http://ajaxian.com/archives/announcing-ajax-libraries-api-speed-up-your-ajax-apps-with-googles-infrastructure

I think the JavaScript files in mashups slow things down because there is database interaction to dynamically generate that JavaScript. The part that the JavaScript is from another server is probably not what makes the page painfully slow to finish loading. It may make it slower however as extra connections need to be made.

]]>