Security and performance are regarded as separate issues requiring very different solutions. But now that malicious hackers have discovered new and better ways to affect both aspects of a website, you need solutions that can plug security holes while enhancing frontend performance. How is that possible? With this report, you’ll explore browser-based solutions that can beef up security and enhance end-user performance in one stroke.
Attacks that target both security and performance often involve third party content such as fonts, images, and stylesheets. Authors Sabrina Burney and Sonia Burney examine several techniques for dealing with these issues in the browser, including HSTS, iframe, and prefetch. You’ll also dive into service workers, browser-based scripts that provide many security and performance options.
• Eliminate man-in-the-middle attacks and HTTP redirects with HTTP Strict-Transport-Security (HSTS)• Improve and secure frontend user experience with iframe and Content-Security-Policy• Deliver prioritized resources faster with prefetch and preload header options• Obfuscate third party content to improve frontend delivery and security• Help third party analytics tools go “unnoticed” by using Service Workers• Use Service Workers to allow only third party content that meets your criteria• Leverage other Service Worker applications, including input validation and geo content control
Sonia Burney, a Solutions Architect at Akamai Technologies, creates solutions to challenging problems in web experience, including new algorithms designed to improve the frontend experience at the browser.
Sabrina Burney is a Security Solutions Architect for software development and web security at Akamai Technologies. Her current focus is on addressing vulnerabilities and concerns around third party content.
Table of Contents
- 1. Understanding the Problem
- 2. HTTP Strict-Transport-Security
- 3. iFrame and Content‑Security‑Policy
- 4. Web Linking
- 5. Obfuscation
- 6. Service Workers: An Introduction
- 7. Service Workers: Analytics Monitoring
- 8. Service Workers: Control Third Party Content
- 9. Service Workers: Other Applications
- 10. Summary
- Title: Security and Frontend Performance
- Release date: January 2017
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781492030157