spof-attack 
@senthil_hi
spof-attack is scary
Frontend SPOF
Enemy #1 
3rd Party JavaScript 
a.k.a.
Load them in an async & non-blocking pattern
Enemy #2 
Application JavaScript
Load them towards the end
Enemy #3 
@font-face
In-lining, Compress & Cache
Enemy #4 
@font-face preceding a script tag 
*IE
Don't do that
Friends 
webpagetest.org 
SPOF-O-Matic Chrome plugin 
YSlow extension
Best Friend 
SPOFCheck 
Command Line Interface to detect SPOF
> spofcheck www.techcrunch.com -p 
spof: Analyzing http://www.techcrunch.com 
spof: Processing external CSS resources 
spof: Flushing the results 
spof: There are 26 problems in http://www.techcrunch.com 
1. ERROR: Possible SPOF attack due to 3rd party script - http://js.adsonar.com/js/adsonar.js 
Severity: error 
Entity: http://js.adsonar.com/js/adsonar.js 
Score: 19 
Fix: Always load 3rd party external scripts asyncronously in a non-blocking pattern 
2. ERROR: Possible SPOF at. 
SPOFCheck
http://senthilp.github.io/spofcheck/
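The check behind the "3rd party script" error above can be sketched as follows. This is an added example, not SPOFCheck's own code: the function names, the `firstPartyHosts` parameter and the sample page with its example hosts are constructed for illustration.

```javascript
// Added example: flag external scripts that block rendering if their host hangs.
// Regex tag scanning is a simplification; a real checker should use an HTML parser.
function parseAttrs(raw) {
  const attrs = new Map();
  const re = /([^\s=\/>"']+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+)))?/g;
  let m;
  while ((m = re.exec(raw)) !== null) {
    attrs.set(m[1].toLowerCase(), m[2] ?? m[3] ?? m[4] ?? "");
  }
  return attrs;
}

// firstPartyHosts (hypothetical parameter): extra hosts the site itself controls.
function findBlockingThirdPartyScripts(html, pageUrl, firstPartyHosts = []) {
  const own = new Set([new URL(pageUrl).hostname, ...firstPartyHosts]);
  const headEnd = html.search(/<\/head\s*>/i);
  const findings = [];
  const tagRe = /<script\b([^>]*)>/gi;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const attrs = parseAttrs(m[1]);
    if (!attrs.has("src")) continue; // inline script: no network fetch to stall on
    let url;
    try { url = new URL(attrs.get("src"), pageUrl); } catch { continue; }
    if (!/^https?:$/.test(url.protocol) || own.has(url.hostname)) continue;
    // async, defer and type=module scripts do not block the HTML parser
    const nonBlocking = attrs.has("async") || attrs.has("defer") ||
      (attrs.get("type") || "").toLowerCase() === "module";
    if (nonBlocking) continue;
    findings.push({ src: url.href, host: url.hostname,
                    inHead: headEnd !== -1 && m.index < headEnd });
  }
  return findings;
}

// Constructed sample page; all hosts are placeholders.
const SAMPLE_PAGE = `<!doctype html>
<html><head>
<script src="/js/app.js"></script>
<script src="https://ads.example.net/ads.js"></script>
<script async src="https://stats.example.org/t.js"></script>
<script src="//static.example-cdn.com/lib.js" defer></script>
</head><body>
<script>var inline = 1;</script>
<script src='https://widgets.example.net/w.js'></script>
</body></html>`;

function demo() {
  return findBlockingThirdPartyScripts(SAMPLE_PAGE, "https://www.example.com/");
}
console.log(demo());
```

A finding with `inHead: true` is the worst case, since a hung third-party host then holds up rendering of the whole page rather than only the content after the tag.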
Let's make a SPOF-free world!
Thank You
