O'Reilly logo

Security and Frontend Performance by Sabrina Burney, Sonia Burney

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8. Service Workers: Control Third Party Content

Now let’s broaden the scope from third party analytics tools to all third party content. More specifically, let’s discuss how to control the delivery of third party content.

Client Reputation Strategies

When we talk about “control” with reference to unknown third party content, what often comes to mind are backend solutions such as client reputation strategies, web application firewalls (WAFs), or other content delivery network/origin infrastructure changes. But with the increased usage of third party content, we need to ensure that we offer protection not only with these backend strategies, but also to our end users starting at the browser. We want to make sure requests for third party content are safe and performing according to best practices. So how do we do that? Let’s leverage service workers to control the delivery of third party content based on specific criteria so that we avoid accessing content that causes site degradation or potentially injection of malicious content not intended for the end user.

Move to Service Worker Reputation Strategies

Note the simple service worker diagram in Figure 8-1. The service worker’s fetch event intercepts incoming network requests for any JavaScript resource and then performs some type of check based on a predefined list of safe third party domains, or using a predefined list of known bad third party domains. Essentially, the fetch event uses some type of list that acts as a ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required