Chapter 9. Service Workers: Other Applications
Using service workers to control the delivery of third party content or even monitor third party performance is critical. But what about first party resources? Or frontend techniques to improve the performance and security with base page content in general? Service workers can be leveraged in many different ways, including through input validation and geo content control, which are discussed briefly below.
Input Validation
Input validation strategies typically involve client-side JavaScript, server-side logic, or other content delivery network/origin logic in an effort to not only prevent incorrect inputs or entries, but also to prevent malicious content from being injected that could potentially impact a site overall. The problem with some of the above strategies is that a site still remains vulnerable to attacks.
With client-side JavaScript, anyone can look to see what input validation strategies are in place and find a way to work around them for different attacks such as SQL injections, which could impact the end user’s experience. With server-side logic or other content delivery network/origin features, the request has to go to the network before being validated, which could impact performance for the end user.
How can service workers mitigate some of these vulnerabilities? Let’s use the service worker fetch handler to validate the input field and determine whether to forward or block a resource request. Of course service workers ...
Get Security and Frontend Performance now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
