Selfhost static assets #106
Comments
|
It's a balance. On one hand, if we want to self-host everything, we have to put in the time to collect, host, and maintain with updates all the files we're hosting. On the other, we can load from a CDN, which comes with some minor security considerations, but removes the burden of maintenance. CDNs can also speed up the load time of static assets, depending on what CDNs you use and how they work. Loading things from Cloudflare's CDN, for example, is going to be faster than self-hosting for anyone who's not in the US - our app server is in the US, but Cloudflare has datacenters around the world that can serve static assets from closer to end-users. The same may be true of other CDNs; self-hosting those assets may remove or alter that benefit. |
|
I see. On another note: have you considered loading all third party assets from the same CDN (e.g. load everything from jsdelivr or unpkg)? I could imagine that this would speed up the loading time of Qpixel. |
ArtOfCode-
added
area: frontend
|
@ArtOfCode- do we plan to do work here someday, or should we close this? (I can't tell from your comment and this is an old issue.) |
Is your feature request related to a problem? Please describe.
Currently qpixel makes many third party requests to various CDNs.
While using third party CDNs doesn't speed up the load time of static assets (especially when using http/2) it's also not exactly beneficial for user privacy.
Additionally qpixel doesn't use CSP for scripts hosted on third party domains which is a security issue.
Describe the solution you'd like
Selfhosting all the static assets that are currently loaded using third party CDNs would solve performance issues caused by third party CDNs and increase the the security of the web page (no more scripts loaded from third party domains).
Describe alternatives you've considered
Using SRI for script tags. However this wouldn't solve the privacy and performance issues.
The text was updated successfully, but these errors were encountered: