Web Development

Website development, speed and security

Follow on Twitter
Some variations on the fasted way for to send out a request without waiting for the response.

The last planned release of PHP 5.6 has now taken place - release 5.6.30. This is the last release that contains planned bug fixes. Any further updates will only take place for security updates and that’s limited to the next two years. Plan to upgrade to PHP 7 - if you are still using 5.6 then you are burying your head in the sand.

Time to move on from PHP 5.6

An article on code complexity in PHP frameworks. Laravel is a clear winner.

Measuring Code Complexity

Last week as I was refactoring and cleaning Laravel for the 5.4 release, Graham Campbell showed me some code complexity statistics for the framework. I decided to compare this against some other PHP frameworks to see how Laravel stacks up. I looked at a few metrics.

Caching makes things faster. You can use HTTP headers to ask a browser to cache XHR (XMLHttpRequest) and Fetch requests however watch out for the back button. It appears that the back button is a history mechanism and it shouldn’t try to show the current state of a resource. Read more in the article below.

You Do Not Understand Browser History :: madhatted.com

The browser does not respect HTTP caching rules when you click the back button.

Recently Ars deputy editor downloaded a list of more than 16,000 cryptographically hashed passcodes. Within a few hours, he deciphered almost half of them.

This isn’t something new but I heard about it for the first time today. An attacker can work out a remote password by measuring the amount of time it takes for the server to respond for various inputs. Hashing a password won’t make a difference as this attack relies on the way a language like PHP does string comparisons.

Vue.js V 2.0 has considerably better performance than React or Angular, read the linked article for more information.

Javascript (and Node.js) Continues To Eat The World - Presence Press

After spending two days at NodeSummit 2016 a few weeks ago, there's no doubt in my mind that Javascript, and Node in particular, is eating...

Mobile eCommerce Performance

Mobile Ecommerce sites should be small and fast. You would think this was obvious and industry best practice but it’s not.

Lets take Magento as an example because it is something I know. The professionally developed theme for Westin Gourmet - developed by a company that specialises in Magento - weighs in at 2.5MB for the home page. Using the network tab of Chrome developer tools you can simulate an average 3G data connection - they use 750 kb/sec (that’s kilobits folks!). This gives a full load time of nearly 29 seconds.

OK, a big chunk of that is 1.8MB of images - and you need to send big images if you want it to look good on a high DPI screen like an iPad - but fewer images could have been used without impacting the user experience. 269KB is just fonts. Who is going to wait around for 29 seconds in this day and age.

I searched around to see if there were any eCommerce solutions optimised for mobile and came across StoreHippo which make a big deal about using the MEAN stack (I have to keep on reminding myself what this means, it is MongoDB, Express, Angularjs and Node.js). I randomly picked a site from their examples (Lot Cart) and ran it through Chrome developer tools. Results: 1.5MB for the home page, 17 second load time. That’s still nothing to shout about. Interestingly 520KB was just for JavaScript - there were 25 HTTP requests for/from Angular.

A blog article by Perficient mentions research by Forrester indicating the two thirds of consumer shopping are happening on a mobile or tablet. This is only going to grow.

It is time to take performance seriously.

Ironically this site automatically designed by the AI of The Grid is over 2MB in size!

Interesting to see that after all the fuss of web fonts over the last few years there is now a growing movement to switch back to native fonts. WordPress 4.6 has just done the switch. Bootstrap v4 is doing the same.