— a blog about web development and whatnot by Steve Webster

  1. Caching and the Google AJAX Libraries

    The Google Libraries API is a shared CDN for popular JavaScript libraries. The theory is that the more sites that load their JavaScript libraries via these shared URLs, the greater the chance of a visitor arriving at a given website with a fresh version of the required libraries in their browser cache. That's nice in theory, but how well does that translate to the real world?

  2. Use mod_rewrite’s proxy flag with caution

    Using mod_rewrite, it’s possible to proxy requests onto other servers by adding the P flag to your RewriteRules. This is a common technique to have Apache acting as the public-facing server for a number of disparate services. However, unless you’re careful with how you craft your rewrite rules, it’s possible for an attacker to gain access to your internal network or use your server to anonymously attack another.

  3. Use unique IP addresses for sharded asset hosts

    One of the golden rules for front-end performance optimisation — one recommended by both Yahoo's YSlow and Google's Page Speed — is to split your page assets across multiple hostnames to allow web browsers to download more of those assets in parallel. Unfortunately it turns out that some consumer-grade network devices will block traffic to sites that use these techniques if the asset hosts all have the same IP address.