Уколов Алексей 12 февраля 2016 г., 19:25 Пожаловаться Michal Zalewski’s The Tangled Web: A Guide to Securing Modern Web Applications High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:25 Пожаловаться Jakob Nielsen’s Usability Engineering and Steven Seow’s Designing and Engineering Time are both excellent resources that every developer and designer should read! Time is measured objectively but perceived subjectively, and experiences can be engineered to improve perceived performance. High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:25 Пожаловаться The application can subscribe to navigator.onLine notifications to monitor connection status. For a good introduction, also see Paul Kinlan’s article on HTML5Rocks: Working Off the Grid with HTML5 Offline. High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:24 Пожаловаться However, in practice, you should disable TLS compression on your server for several reasons: The “CRIME” attack, published in 2012, leverages TLS compression to recover secret authentication cookies and allows the attacker to perform session hijacking. Transport-level TLS compression is not content aware and will end up… Развернуть High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:24 Пожаловаться To determine the optimal TLS record size for your deployment: Allocate 20 bytes for IPv4 framing overhead and 40 bytes for IPv6. Allocate 20 bytes for TCP framing overhead. Allocate 40 bytes for TCP options overhead (timestamps, SACKs). Assuming a common 1,500-byte starting MTU, this leaves 1,420 bytes for a TLS record… Развернуть High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:24 Пожаловаться In January this year (2010), Gmail switched to using HTTPS for everything by default. Previously it had been introduced as an option, but now all of our users use HTTPS to secure their email between their browsers and Google, all the time. In order to do this we had to deploy no additional machines and no special… Развернуть High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:24 Пожаловаться Performance Checklist Optimizing TCP performance pays high dividends, regardless of the type of application, for every new connection to your servers. A short list to put on the agenda: Upgrade server kernel to latest version (Linux: 3.2+). Ensure that cwnd size is set to 10. Disable slow-start after idle. Ensure that… Развернуть High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:23 Пожаловаться For Linux users, ss is a useful power tool to inspect various statistics for open sockets. From the command line, run ss --options --extended --memory --processes --info to see the current peers and their respective connection settings. High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:22 Пожаловаться The core principles and their implications remain unchanged: TCP three-way handshake introduces a full roundtrip of latency. TCP slow-start is applied to every new connection. TCP flow and congestion control regulate throughput of all connections. TCP throughput is regulated by current congestion window size. As a result,… Развернуть High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:22 Пожаловаться Slow-start is not as big of an issue for large, streaming downloads, as the client and the server will arrive at their maximum window sizes after a few hundred milliseconds and continue to transmit at near maximum speeds — the cost of the slow-start phase is amortized over the lifetime of the larger transfer. However, for… Развернуть High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8
Уколов Алексей 12 февраля 2016 г., 19:22 Пожаловаться HTTP and many other application protocols run over TCP, and no matter the available bandwidth, every TCP connection must go through the slow-start phase — we cannot use the full capacity of the link immediately! High Performance Browser Networking: What every web developer should know about networking and web performance Ilya Grigorik 4,8