You may have heard that browsers are moving away from using a single HTTP cache. By partitioning the HTTP cache based on the top-level origin, Chrome, Firefox and Safari are closing security holes that enable privacy leaks. While this helps protect websites from malicious attacks, there are potential performance and bandwidth consequences if you don’t adjust affected cache configurations.
What Resources Are Affected?
The new browser cache behavior prevents documents from one origin from detecting whether a resource from another origin was cached. In other words, if you use third-party CDN services to reference popular libraries, frameworks or other static assets, you will no longer be able to take advantage of the extended performance benefits of those providers. Common examples include jQuery, jsDelivr, Google Fonts, UNPKG, and many others.
There has been a lot of commentary on the effects of these changes and on potential solutions. It can be summed up by saying that the impact is yet to be determined but will most certainly be wide-ranging.
How To Maintain Performance While Protecting Against Cross-Site Leaks
The most effective way to adapt to these changes is to bring third-party static assets onto your domain. There are several benefits to hosting static assets on your own origin, the most notable of which are improved performance and increased control.
By hosting assets on your origin rather than on third-party domains, you reduce the number of TCP connections required when loading resources and enable modern protocols such as HTTP/2 to work on these assets, which significantly speeds up page load times. You can further improve performance by leveraging edge delivery services, such as Section, to distribute your cache and serve resources closer to end users.
Having increased control over static asset delivery allows developers more freedom when optimizing performance within their overall application architecture. By bringing static assets on-domain, you can implement more granular configuration using solutions such as Varnish Cache to achieve better performance gains.
Section also offers alternate origin routing and HTML rewriting, which enable you to move content on-domain while still fetching it from a third-party location.
The bottom line is that it’s still early days in the rollout of these changes. In fact, browsers are at different stages in their solution decisions and implementation. We’ll be keeping a close eye on the situation as it continues to develop. In the meantime, developers should be considering how these changes might affect their applications and take steps to mitigate any potential negative impacts.
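The cache-key change and the effect of self-hosting described above can be seen in a small model. This is an added example, not code from any browser or from Section: it assumes a cache keyed on the top-level origin plus the resource URL (real browsers' keys differ in detail), and the hosts, URLs and byte sizes are constructed.

```javascript
// Added example: toy model of an HTTP cache, not any browser's real implementation.
// Constructed browsing session; hosts, URLs and byte sizes are made up.
const JQ = { url: "https://cdn.example/jquery.min.js", bytes: 90000 };
const OWN_JQ = { url: "https://blog.example/js/jquery.min.js", bytes: 90000 };
const session = [
  { topLevel: "https://shop.example", resources: [JQ, { url: "https://shop.example/app.js", bytes: 40000 }] },
  { topLevel: "https://news.example", resources: [JQ] },
  { topLevel: "https://blog.example", resources: [OWN_JQ] }, // self-hosted copy
  { topLevel: "https://news.example", resources: [JQ] },     // repeat visit
  { topLevel: "https://blog.example", resources: [OWN_JQ] }, // repeat visit
];

// Single cache: key is the URL. Partitioned cache: key also carries the top-level origin.
function cacheKey(topLevel, url, partitioned) {
  return partitioned ? `${new URL(topLevel).origin} ${url}` : url;
}

// Replay the session; report bytes fetched from the network and every cache hit
// that exposes state left behind by a different top-level origin.
function replay(pageLoads, partitioned) {
  const cache = new Map(); // key -> top-level origin that stored the entry
  let networkBytes = 0;
  const crossSiteHits = [];
  for (const { topLevel, resources } of pageLoads) {
    for (const { url, bytes } of resources) {
      const key = cacheKey(topLevel, url, partitioned);
      if (!cache.has(key)) {
        cache.set(key, topLevel);
        networkBytes += bytes;
      } else if (cache.get(key) !== topLevel) {
        crossSiteHits.push({ observer: topLevel, url, storedBy: cache.get(key) });
      }
    }
  }
  return { networkBytes, crossSiteHits };
}

// Assets served from an origin other than the page's own: candidates to move on-domain.
function offOriginAssets(pageLoads) {
  const found = new Set();
  for (const { topLevel, resources } of pageLoads)
    for (const { url } of resources)
      if (new URL(url).origin !== new URL(topLevel).origin) found.add(`${topLevel} -> ${url}`);
  return [...found];
}

console.log("single cache:     ", replay(session, false));
console.log("partitioned cache:", replay(session, true));
console.log("off-origin assets:", offOriginAssets(session));
```

In this constructed session the partitioned cache fetches 310000 bytes against 220000 for the single cache; the extra 90000 is the CDN copy that news.example can no longer reuse from shop.example's visit, while the self-hosted copy on blog.example is still served from cache on the repeat visit.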
Our engineers tackle these challenges daily, so if you’d like to chat through specific scenarios, feel free to reach out.