• Posts
  • RSS
  • ◂◂RSS
  • Contact

  • Shared Cache is Going Away

    November 1st, 2019
    tech  [html]
    Browsers historically have had a single HTTP Cache. This meant that if www.a.example and www.b.example both used cdn.example/jquery-1.2.1.js then JQuery would only be downloaded once. Since it's the same resource regardless of which site initiates the download, a single shared cache is more efficient. [1]

    Unfortunately, a shared cache enables a privacy leak. Summary of the simplest version:

    • I want to know if you're a moderator on www.forum.example.
    • I know that only pages under www.forum.example/moderators/private/ load www.forum.example/moderators/header.css.
    • When you visit my page I load www.forum.example/moderators/header.css and see if it came from cache.
    Versions of this have been around for a while, but in March 2019 Eduardo Vela disclosed a way to make it much more powerful and reliable. Browsers are responding by partitioning the cache (Chrome, Firefox; Safari already had). [2] It's not clear from me reading the bugs when it will launch, but it does sound soon. [3]

    What does this mean for developers? The main thing is that there's no longer any advantage to trying to use the same URLs as other sites. You won't get performance benefits from using a canonical URL over hosting on your own site (unless they're on a CDN and you're not) and you have no reason to use the same version as everyone else (but staying current is still a good idea).

    I'm sad about this change from a general web performance perspective and from the perspective of someone who really likes small independent sites, but I don't see a way to get the performance benefits without the leaks.


    [1] When I worked on mod_pagespeed, rewriting web pages so they would load faster, we had an opt-in feature to Canonicalize JavaScript Libraries.

    [2] I was curious if this had launched yet so I made a pair of test pages and tried it out in WebPageTest for Chrome Canary and Firefox Nightly but it's not out yet. I used a WPT script consisting of:

    navigate https://www.trycontra.com/test/cache-partition
    navigate https://www.bidadance.org/test/cache-partition
    

    [3] Firefox's bug is marked "fixed" and "Milestone: mozilla70", but I have Firefox 70.0.1 and it doesn't seem to be enabled:

    Perhaps this is just the code change and they still need a flag flip? I don't know how Firefox does this.

    Comment via: facebook, lesswrong, hacker news

    Recent posts on blogs I like:

    Collections: The Queen’s Latin or Who Were the Romans, Part V: Saving And Losing an Empire

    This is the fifth and final part (I, II, III, IV) of our series asking the question ‘Who were the Romans?’ How did they understand themselves as a people and the idea of ‘Roman’ as an identity? Was this a homogeneous, ethnically defined group, as some ver…

    via A Collection of Unmitigated Pedantry July 30, 2021

    Modernizing Rail 2021 Announcement

    We are happy to announce that on Sunday the 29th of August we will hold this year’s Modernizing Rail conference, on the heels of the success last year. Please register using this form. And please give details on what you’d like to see, and if you’re willi…

    via Pedestrian Observations July 29, 2021

    Songs about terrible relationships

    [Spoilers for several old musicals.] TV Tropes lists dozens of examples of the “I want” song (where the hero of a musical sings about their dream of escaping their small surroundings). After watching a bunch of musicals on maternity leave, I’m wondering h…

    via The whole sky July 17, 2021

    more     (via openring)


  • Posts
  • RSS
  • ◂◂RSS
  • Contact