3rd Party Footprint @ Webrebels

#webrebels
3rd Party Footprint
EVALUATING THE PERFORMANCE OF EXTERNAL SCRIPTS
BARBARA BERMES /bbinto

#webrebels
I live in Toronto, Canada

#webrebels
I’m passionate about
web perf

#webrebels
Let’s get this 3rd party started!

#LDNWebPerf#webrebels
In the strictest sense, anything served to
the client that’s provided by an
organization that’s not the website
provider is considered to be third-party
“
”–Ben Vinegar, Author of “Third-Party Script”
What is a 3rd party script?

Types of 3rd party scripts
Advertising
Tracking and Analytics
Fonts
Social Media
Libraries and Frameworks

#webrebels
What’s the #1 used
3rd Party script?

Stats from Big Query

#webrebels
AKAMAI (FB)
14%
TWITTER
5%
FACEBOOK
10%
GOOGLE
71%
Top 10

#webrebels
Visualize the impact of
3rd party scripts

#webrebels
Foreign content overload

Example: Wired
• Body Level One
• Body Level Two
• Body Level Three
• Body Level Four
• Body Level Five

#webrebels
But what’s the issue?

The Issues and Negative Impacts
Performance 
Front-end Single Point of Failure (SPOF)  
Privacy

Potential Solutions
Safe Snippets 
Caching and Hosted Libraries 
Tools and Initiatives

#webrebels
- John Hjelmstad 
Google I/O 2012 (How we Make JavaScript Widgets Scream)
The value you get out of the widget needs to be
greater than the performance hit you are taking
Rule of Thumb

#webrebels
A user who has to endure an 8-second download delay
spends only 1% of their total viewing time looking at the featured
promotional space on a landing page.

In contrast, a user who receives instantaneous page rendering
spends 20% of viewing time within the promotional area  
 
(source: Jakob Nielsen)
“
”
Perception of promotional space

#webrebels
A website without ads?

The performance impact of ads
• Body Level One
• Body Level Two
• Body Level Three
• Body Level Four
• Body Level Five

#webrebels
40%
Using no (client-side) ad code reduced
CBC’s page load time by 40%
<script/>

#webrebels
Monitor foreign
content, constantly!

ArithmeticMeanins
0
2.5
5
7.5
10
10/4/12 10/31/12
Bad 3rd parties (CBC mobile Site)
Smooth sailing
Client-side Ads
Ads turned oﬀ
Server-side Ads
 
Source: Keynote Daily Reports 
We noticed a spike

#webrebels
Single point of failure

A single point of failure (SPOF) is a part of a
system that, if it fails, will stop the entire system
from working
–Wikipedia
SPOF

The Oﬀender
It will block rendering anything after this line

#webrebels
Yeah…whatever 
3rd providers don’t really go down…

#webrebels
Title Text
Title Text

#webrebels
The Great Firewall of China

#webrebels
Simulating SPOF
on TechCrunch

#webrebels
SPOF WIRED
Without SPOF
With SPOF: Visually complete 40s

#webrebels
Let’s crash this party

#webrebels
Title Text
Title Text
#webrebels

#webrebels
Initializing  
client-side scripts

#webrebels
Safest (previous) way:  
Dynamic script tag (to cover most of the browsers)

#webrebels
http://www.phpied.com/social-button-bffs/
Asynchronous Loading

#webrebels
Title Text
Asynchronous Loading

#webrebels
5 seconds 25 seconds
#webrebels

#webrebels
AFTER
5 seconds
#webrebels

Async or Defer JS

Async and Defer JS

Protect yourself with the help of tools
Ad-hoc browser tools 
Continuous integration and deployment tools

#webrebels
Caching?
Don’t always rely on it!

30min
3 min
Cache Policies
20 min
30 min
1 hr
20 min

#webrebels
What about hosted libraries?

Pages using Google CDN 
(Top Alexa Websites)
0%
0.25%
0.5%
Jan '11 Jan '13 Jan '13 Jan '14 Jan '15
11%
17%
26%
37%
47%
Percentage
Google Hosted Libraries
PAGES USING GOOGLE
LIBRARIES API
52%
48%

Anywhere?
Don’t just copy and paste

#webrebels
Don’t do this….

#webrebels
Rather do this: Silent Fail

#webrebels
Source: May 2015, Big Query result on jQuery from Google CDNs
Google’s hostest jQuery fragmentation
OTHER
30%
1.4.2
5%1.11.0
6%1.8.2
6%
1.11.1
7%
1.9.1
8%
1.8.3
8%
1.10.2
8%
1.7.1
10%
1.7.2
12%

#webrebels
So, whats the verdict:
Hosted Libraries or not?

#webrebels
Title Texthttps://developers.facebook.com/docs/plugins/like-button/

#webrebels
Title Text
What they don’t really tell you that they maybe…. 
track the visited website, your IP, and more….???? 
Did you agree to that?

#webrebels
Open Source Initiatives
and Resources

#webrebels
Privacy Hero heise’s
Opt-in Solution

Measuring 3rd party content on your site
Navigation Timing API 
Resource Timing API

#webrebels
0
120
240
Jan '14 Feb '14 Mar '14 Apr '14 May '14 Jun '14 Jul '14 May '15
82 86 86
99
130
157
168
232
Fastly Optimizely
Instagram Cedexis Twitter TypeKit
CDNPlanet Walmart Tumblr Disqus 
Adoption of Timing-Allow-Origin
Header (Top Alexa Websites)

#webrebels
Title Text
jsmanners

#webrebels
Title Text
https://github.com/triblondon/
Contribute on Github!

#webrebels
Next time before
you copy and paste

• Refuse 3rd party content that doesn’t provide async
options or is not miniﬁed
• Put the risk in the SLA (uptime etc.)
• Review jsmanners
• Educate other (junior) developers
• Test it via navigation and resource timing where applicable
What to do as a Publisher & Developer

• Ask for server-side options
• Evaluate tag managers
• Investigate hosted libraries (if no own CDN is available)
• Monitor, monitor, ….and monitor
• Evaluate the need of the script with marketing and
sales
What to do as a Publisher & Developer

What to do as a Script Provider
• Provide non-blocking code samples and snippets
• Educate developers, and verify the integration of
your script (proof-check)

#webrebels
The Party’s Over
Thank you

#webrebels
Questions?
bit.ly/webrebels
Shameless Plug: I wrote a book  
“Lean Websites” (SitePoint)
Release: end of May 2015

3rd Party Footprint @ Webrebels

More Related Content

What's hot (6)

Viewers also liked (8)

Similar to 3rd Party Footprint @ Webrebels (20)

More from Barbara Bermes (9)

3rd Party Footprint @ Webrebels