Shared Cache is Going Away |
November 1st, 2019 |
| tech |
www.a.example and www.b.example both used
cdn.example/jquery-1.2.1.js then JQuery would only be
downloaded once. Since it's the same resource regardless of which
site initiates the download, a single shared cache is more
efficient. [1]
Unfortunately, a shared cache enables a privacy leak. Summary of the simplest version:
- I want to know if you're a moderator on
www.forum.example. - I know that only pages under
www.forum.example/moderators/private/loadwww.forum.example/moderators/header.css. - When you visit my page I load
www.forum.example/moderators/header.cssand see if it came from cache.
What does this mean for developers? The main thing is that there's no longer any advantage to trying to use the same URLs as other sites. You won't get performance benefits from using a canonical URL over hosting on your own site (unless they're on a CDN and you're not) and you have no reason to use the same version as everyone else (but staying current is still a good idea).
I'm sad about this change from a general web performance perspective and from the perspective of someone who really likes small independent sites, but I don't see a way to get the performance benefits without the leaks.
[1] When I worked on mod_pagespeed, rewriting web
pages so they would load faster, we had an opt-in feature to Canonicalize
JavaScript Libraries.
[2] I was curious if this had launched yet so I made a pair of test pages and tried it out in WebPageTest for Chrome Canary and Firefox Nightly but it's not out yet. I used a WPT script consisting of:
navigate https://www.trycontra.com/test/cache-partition navigate https://www.bidadance.org/test/cache-partition
[3] Firefox's bug is marked "fixed" and "Milestone: mozilla70", but I have Firefox 70.0.1 and it doesn't seem to be enabled:
Perhaps this is just the code change and they still need a flag flip? I don't know how Firefox does this.
Comment via: facebook, lesswrong, hacker news