XMPP Service Operators - 2021-01-14

Hola

Hi

Arne, Do you understand the basic principles of browsers? If the browser has downloaded the script once, on any site it does not download the script a second time. Have you ever wondered how this can significantly speed up page loading? Ie the page is loaded on a slow connection not 2-3 minutes, but a couple of seconds?

Arne, Did you know that cloudflare provides open source scripts for sites and oh yeah! They have built-in protection? << integrity="sha384-vFJXuSJphROIrBnz7yo7oB41mKfc8JzQZiCq4NCceLEaO4IHwicKwpJf9c9IpFgh" crossorigin="anonymous" >>

<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.3/js/bootstrap.min.js" integrity="sha512-8qmis31OQi6hIRgvkht0s6mCOittjMa9GMqtK9hes5iEQBQE/Ca6yGE5FsW36vyipGoWQswBj/QBm2JR086Rkw==" crossorigin="anonymous"></script>

Arni Bro, what a horror. I have embedded this script in this chat, NOW REPTILIAN KNOW EVERETING ABOUT YOU!!! Didn't it boot? RIGHT!!! It should not be loaded in the browser either, but should be from the cache of your browser

Arne, If you have Twitter loaded in scripts, I recommend checking your plugin for blocking scripts for viruses. The share button on Twitter was made, without javascript scripts and load images. But you probably just don’t know the difference between "Twitter Bootstrap" and "Twitter"

» <404.city> Arne, Do you understand the basic principles of browsers? If the browser has downloaded the script once, on any site it does not download the script a second time. Have you ever wondered how this can significantly speed up page loading? » Ie the page is loaded on a slow connection not 2-3 minutes, but a couple of seconds? It's not

It's actually slower

The HTTP protocol itself has headers for caching and how log

You should not use javascript at all, unless you absolutely have to and there's no other way

If you care about performance and accessability

The html has to finish loading before you can even begin to startup the jvm

Vs

Html being streamed in as it receives a element closure

Then images loading

(jpegs can be encoded to support progressive scan)

Or you can use SVGs

If you use an external CDN you lose control over latency for your site

Even if you use a geographiclly close CDN, it's going to be slower because now you have to setup 2 TCP sessions sequentially, with TLS on top

Vs if you just used plain html

Serving things yourself on your own server

https://anybrowser.org/campaign/

https://xmpp.404.city:5280/usershare/6d33720a4a94189f7b96d206ee5f6128196decf2/asa4zw5TzuiMiNRGdhD02PawBoPMwPe4Yp2mtzPa/Screenshot_from_2021-01-14_04-38-07.png

tom, Thanks for the helpful advice ... There is a hint in chrome, for those who do not understand the headers, that the content is cached. In this screenshot you can find this place. In this screenshot you can find this place. ✏

Oh

You can use webbrowser

It provides much better HTTP debugging tools

Hold on

tom, This is a screenshot from the browser

https://upload.nuegia.net/2c79b375-8912-4663-9668-589525c08eb3/screenshot_016.png

Also

Chrome's caching is very buggy

Like

Things don't refresh when you press refresh or tell it not to cache

It's also not a really good litmus test for web interop

Since the blink engine is more optimized for running google's webapps rather than viewing web pages efficiently

404.city: You never need the whole bootstrap. Usually you only need "util.JS". Or one or two more. And even if you don't need the whole bootstrap CSS, it's a development mistake to ping cloudflare every time from every connected IP, and it's definitely a mistake to download half a mega every time you send 2 letters in a chat. If you're too lazy to pick what you need and would rather do one hell of a traffic, stop developing for god's sake.

https://upload.nuegia.net/3ae80218-17e4-4568-b269-0c8e6f3837a2/screenshot_017.png

I'd argue that using bootstrap is a terrible mistake

tom, Pay attention to the title on your screenshot. The "last modification"

Just write the data in the HTML

Then write a few CSS rules to add borders and good contrast and set a front

Then your done

christian, Where do you see the chat on this page?

https://www.nuegia.net/style.css

> ‎tom‎: Just write the data in the HTML This is not just a date, if you were a web application developer, then you would know that this header needs to be set manually and it is responsible for caching

404.city: nginx has a very powerful syntax for setting caching headers

Set a ttl

Or a date

Keep static objects in sane paths, then just apply caching rules that make sense for the path

There's two main kinds of caching in http

The kind where you tell the browser to keep the resource, and the kind you tell the browser to keep the resource but check back if it's been modified

404.city: Don't worry, if I criticise you, you are valuable. I don't criticise everyone.

It's the difference between a http 301 and no http request at all

For example on my CDN that handles the http-upload XEP I set location / { perl upload::handle; expires modified +60d; add_header Cache-Control private; }

Since I delete files 60 days after they've been uploaded

And it's a static resource prepended with a guid so it's not going to change

Oh, btw there's an interesting cache control parameter "IMMUTABLE" which is intended for content-addressable object stores

Like IPFS

From your paronial advice and unrepeatable fears, the Internet works slower and this is very noticeable for Internet users with slow connections. It doesn't increase privacy and security in any way, it looks like a cargo cult https://en.wikipedia.org/wiki/Cargo_cult

I've been thinking about integrating IPFS into my cdn so that if users are still interested in files after to 60d purge than it's still accessible, and I can just use ipfs daemon's built in garbage collector instead of a time based thing

https://xmpp.404.city:5280/usershare/6d33720a4a94189f7b96d206ee5f6128196decf2/9RMjzCeLITZGf0JqfBUIWbRqU0lIe8xWOnpn0avL/download__12_.jpeg

404.city: the only cargo-culting going on is the people who ADD javascript to their site, thinking it will make it faster

You don't add to websites to make them faster you remove

And you leverage fine control of HTTP's headers

The web developers that can't code html and css themselves, and have to import some """framework"""

Or use wordpress and install a bunch of ""optimization plugins""

tom, The saddest thing is that you mislead other people who understand it even less. I gave you a screenshot from the browser that proved it was cached, but you continue to prove that it is not. This explanation was signed by the developers in the browser especially for you.

tom, https://xmpp.404.city:5280/usershare/6d33720a4a94189f7b96d206ee5f6128196decf2/asa4zw5TzuiMiNRGdhD02PawBoPMwPe4Yp2mtzPa/Screenshot_from_2021-01-14_04-38-07.png

404.city: you misunderstand

I'm saying you shouldn't rely on Jquery at all

That you should remove to dependence of jquery from you site

https://xmpp.404.city:5280/usershare/6d33720a4a94189f7b96d206ee5f6128196decf2/Z1M1x2QJzNDgB72CYbgZ0wiCVr53SOvAUTybbfJg/bootstrap.png

Gross

And not privacy conscious

tom, You have already downloaded this file on other sites, and after that you worry.

No i haven;t

I disable javashit

I don't browse sites that only work in firefox/chrome

Or require excessive resources

2gb of ram to display a paragraph on text on a screen

It's inexcusable

Ability to get into a fucking botnet, just by visiting a web page

tom, Well, let's just say so. Sites shouldn't have javascript at all...

Popups, ads, cookie notices

For example

Use invidious or straw-viewer to access youtube without javashit or modern web retardation

https://upload.nuegia.net/03cfe502-2bd1-4fdb-abe6-871f97e907f1/web-color.png

https://upload.nuegia.net/b02e658d-5504-484d-8e00-5526702c3654/noajax.png

Html5 and google chrome are just the new internet explorer 5

And active x

https://drewdevault.com/2020/03/18/Reckless-limitless-scope.html

I'm sorry 404.city this really shouldn't end up in such discussion. It has been more a question vor a hint. I was just wondering why you implemented it. Also I actually couldn't open the link with activated dns blocker. But it's maybe just me.

Nevertheless we should be helping us here actually. Maybe you could remove some script parts? I also had difficultis removing all this unneeded parts from my sites (and maybe there are still is some left...), but never had this problem. ✏

. ✏

Why?

/ ✏

> The web developers that can't code html and css themselves, and have to import some """framework""" You serious?

Why re invent the wheel for every single website

Being able to cache jQuery once and using it in every site isnt this bad

Was I kicked or did I leave by accident :(

you left by accident

Yeah, what's wrong with dumping megabytes of JavaScript into your web page?

> you left by accident Thx lol

Caching stuff == being vulnerable to the oh-so-easy fingerprinting

Having every version of jquery and bootstrap is bloat :P

Btw this exists for what you said https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/

> /me said: > Decentraleyes helps, I guess, but feels like a band-aid. ✏

Whoops, that's a first for me. I edited my last message instead of quoting. Usually I f-up the other way around

I'll paraphrase my original message. Decentraleyes helps, I guess, but feels like a band-aid. If browser is a platform for applications, why doesn't this "platform" ship the libraries "every site" is using?

> Having every version of jquery and bootstrap is bloat :P The use of the entire version zoo of a lib across the web is partly explained by the fact that devs are used to and _expect to continue_ being able to use the latest and greatest, instead of a stable standard API. Same probably goes for said lib's developers, who expect everyone to just bundle-and-forget, "live at HEAD", etc. So they feel free to break compat at every opportunity. The result is sites that each require fifteen different versions of jquery at different abstraction levels of their framework

_That_ is bloat

Hello. Looking for contact to admins/mods of gajim@conference.gajim.org and ejabberd@conference.process-one.net. I got somehow banned from these rooms, and have no idea why; I'm only lurker... maybe something with my server?

briest: In the Gajim room (where I relayed your message), wurstsalat says: > I can't have a look at the moment, but I will tomorrow, if nobody did by then :)

Tim: thanks