Building a Better Web
June 11–12, 2018: Training
June 12–14, 2018: Tutorials & Conference
San Jose, CA

When Third Parties Stop Being Polite... and Start Getting Real

Nic Jansma (Akamai), Charles Vazac (Akamai)
9:50am–10:30am Wednesday, June 13, 2018
Performance and UX
Location: 210 A/E Level: Intermediate
Secondary topics:  Best practice, Technical, Web Pillars Track: Performance, Security, Accessibility

Who is this presentation for?

Developers, website owners

Prerequisite knowledge

A basic understanding of browser developer tools and performance concepts.

What you'll learn

This talk will perform an honest audit of popular third-party libraries to understand their overhead costs. We'll talk about loading patterns, SPOF avoidance, JavaScript parsing, Long Tasks, runtime overhead, polyfill headaches, security and privacy concerns and more. Finally, we'll share automated tools to help you decide if a library is truly well-crafted.

Description

Would you give the Amazon Prime delivery robot the key to your house, just because it stops by to deliver delicious packages every day? Even if you would, do you still have 100% confidence that it wouldn’t accidentally drag in some mud, let the neighbor in, steal your things or burn your house down? The worst-case scenario is what you should be planning for when deciding whether or not to include third-party libraries and services on your website. While most libraries have good intentions, by including them on your site, you have given them complete control over the kingdom. Once on your site, they can provide all of the great services you want. Or, they can destroy everything you’ve worked so hard to build.

It’s prudent to be cautious: we’ve all heard stories about how third-party libraries have caused slowdowns, broken websites and even downtime. But how do you evaluate the actual costs and potential risks of a third-party library, so you can balance that against the service it provides?

This talk will start with an honest audit of several popular third-party libraries. Every library requires non-zero overhead to provide the service it claims. In many cases, the overhead is minimal and justified — but we should quantify it to understand the real cost. In addition, libraries need to be carefully crafted so they can avoid causing additional pain when the stars don’t align and things go wrong. From how the library is loaded, to the moment it phones home, we’ll see how third-parties can affect the host page and the best practices they can follow to ensure they do the least potential harm. We’ll talk about loading patterns, SPOF avoidance, JavaScript parsing, Long Tasks, runtime overhead, polyfill headaches, security concerns and more.

With all of the great performance tools available to developers today, we’ve gained a lot of insight into just how much third-party libraries are impacting our websites. While you may not have the time to perform a deep dive into every third-party library you want to include on your site, you should be able to walk away from this talk with a checklist of the most important best practices third-parties should be following for you to have confidence in them. We will also share automated tools that can help reveal these insights so you don’t have to do all of the heavy lifting on your own.

Photo of Nic Jansma

Nic Jansma

Akamai

Nic is a software developer at Akamai building high-performance websites, apps and open-source tools.

Photo of Charles Vazac

Charles Vazac

Akamai

Charlie is a Principal Software Engineer at Akamai and co-founder of SOASTA.

Leave a Comment or Question

Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

Join the conversation here (requires login)