Security and performance are regarded as separate issues requiring very different solutions. But now that malicious hackers have discovered new and better ways to affect both aspects of a website, you need solutions that can plug security holes while enhancing frontend performance. How is that possible? With this report, you’ll explore browser-based solutions that can beef up security and enhance end-user performance in one stroke.
Attacks that target both security and performance often involve third party content such as fonts, images, and stylesheets. Authors Sabrina Burney and Sonia Burney examine several techniques for dealing with these issues in the browser, including HSTS, iframe, and prefetch. You’ll also dive into service workers, browser-based scripts that provide many security and performance options.
• Eliminate man-in-the-middle attacks and HTTP redirects with HTTP Strict-Transport-Security (HSTS)• Improve and secure frontend user experience with iframe and Content-Security-Policy• Deliver prioritized resources faster with prefetch and preload header options• Obfuscate third party content to improve frontend delivery and security• Help third party analytics tools go “unnoticed” by using Service Workers• Use Service Workers to allow only third party content that meets your criteria• Leverage other Service Worker applications, including input validation and geo content control
Sonia Burney, a Solutions Architect at Akamai Technologies, creates solutions to challenging problems in web experience, including new algorithms designed to improve the frontend experience at the browser.
Sabrina Burney is a Security Solutions Architect for software development and web security at Akamai Technologies. Her current focus is on addressing vulnerabilities and concerns around third party content.
Table of contents
- 1. Understanding the Problem
- 2. HTTP Strict-Transport-Security
- 3. iFrame and Content‑Security‑Policy
- 4. Web Linking
- 5. Obfuscation
- 6. Service Workers: An Introduction
- 7. Service Workers: Analytics Monitoring
- 8. Service Workers: Control Third Party Content
- 9. Service Workers: Other Applications
- 10. Summary
- Title: Security and Frontend Performance
- Release date: January 2017
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781491972151
You might also like
Software Engineering at Google
Today, software engineers need to know not only how to program effectively but also how to …
Fluent Python, 2nd Edition
Python’s simplicity lets you become productive quickly, but often this means you aren’t using everything it …
Practical Cloud Security
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and …
Threat modeling is one of the most essential—and most misunderstood—parts of the development lifecycle. Whether you’re …