Security and performance are regarded as separate issues requiring very different solutions. But now that malicious hackers have discovered new and better ways to affect both aspects of a website, you need solutions that can plug security holes while enhancing frontend performance. How is that possible? With this report, you’ll explore browser-based solutions that can beef up security and enhance end-user performance in one stroke.
Attacks that target both security and performance often involve third party content such as fonts, images, and stylesheets. Authors Sabrina Burney and Sonia Burney examine several techniques for dealing with these issues in the browser, including HSTS, iframe, and prefetch. You’ll also dive into service workers, browser-based scripts that provide many security and performance options.
• Eliminate man-in-the-middle attacks and HTTP redirects with HTTP Strict-Transport-Security (HSTS)• Improve and secure frontend user experience with iframe and Content-Security-Policy• Deliver prioritized resources faster with prefetch and preload header options• Obfuscate third party content to improve frontend delivery and security• Help third party analytics tools go “unnoticed” by using Service Workers• Use Service Workers to allow only third party content that meets your criteria• Leverage other Service Worker applications, including input validation and geo content control
Sonia Burney, a Solutions Architect at Akamai Technologies, creates solutions to challenging problems in web experience, including new algorithms designed to improve the frontend experience at the browser.
Sabrina Burney is a Security Solutions Architect for software development and web security at Akamai Technologies. Her current focus is on addressing vulnerabilities and concerns around third party content.
Table of contents
- 1. Understanding the Problem
- 2. HTTP Strict-Transport-Security
- 3. iFrame and Content‑Security‑Policy
- 4. Web Linking
- 5. Obfuscation
- 6. Service Workers: An Introduction
- 7. Service Workers: Analytics Monitoring
- 8. Service Workers: Control Third Party Content
- 9. Service Workers: Other Applications
- 10. Summary
- Title: Security and Frontend Performance
- Release date: January 2017
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781491972151
You might also like
Designing Data-Intensive Applications
Data is at the center of many challenges in system design today. Difficult issues need to …
REST API Design Rulebook
In todayâ??s market, where rival web services compete for attention, a well-designed REST API is a …
Test Driven Development: By Example
Quite simply, test-driven development is meant to eliminate fear in application development. While some fear is …
Learning Test-Driven Development
Your code is a testament to your skills as a developer. No matter what language you …