[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security concerns with minified javascript code



On Sep 01 2015, Josh Triplett <josh@joshtriplett.org> wrote:
> Nikolaus Rath wrote:
>> I don't think 28 kB vs 73 kB is a difference that people will notice
>> over the network in *most* situations. Even at just 100 kB/s that's
>> 0.28 vs 0.73 seconds, and only when the page is first loaded.
>
> That's absolutely a critical difference, even on a faster connection.
> Multiple studies have demonstrated that page load time matters for user
> retention.  Amazon did a study that showed every ~100ms of page load
> delay lost them 1% in sales.  Google found that half a second slower
> load time for results pages drove off 20% of users.  Google also
> prioritizes faster sites in search results.

Yes, but neither Amazon nor Google (nor any other Web application for
which this matters) is likely to run javascript from a vanilla Debian
package. This is not about minification in general, but about
minification in Debian packages. I don't care enough to actually make a
statistic, but I would not be surprised if most of the javascript that's
carried in Debian ends up in /usr/share/doc.

(end of thread for me)

Best,
-Nikolaus

-- 
GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F
Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F

             »Time flies like an arrow, fruit flies like a Banana.«


Reply to: