cs193h: high performance web sites lecture 23: vol 2 – make static content cookie- free, reduce...
TRANSCRIPT
![Page 1: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/1.jpg)
CS193H:High Performance Web Sites
Lecture 23: Vol 2 – Make static content cookie-
free, Reduce cookie weight, To WWW or not to WWW
Steve SoudersGoogle
![Page 2: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/2.jpg)
announcementsFinal exam locations:• Dec 9, 12:15-3:15 – Gates B03• Dec 12, 12:15-3:15 – Gates B01
![Page 3: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/3.jpg)
Set-Cookie response headerHTTP/1.1 200 OK
Set-Cookie: MSNPPAuth=B*eDP3m4...WELr; expires=Wed, 30-Dec-2037 16:00:00 GMT; domain=.live.com;_path=/;
domain, path, and expires in the cookie headermax size ~4K (varies by browser)one header per cookiecookie is stored by the client (browser)only valid if domain matches current page
![Page 4: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/4.jpg)
Cookie response headerGET /results.aspx?q=flowers HTTP/1.1Host: search.live.comCookie:_MSNPPAuth=B*eDP3m4...WELr;_SRCHUID=V=1&GUID=83F46965E90240739918C1047F88FD26;_SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20081129; ...
cookie sent back to server on subsequent requests that match the domain and pathall cookies sent in one request header"; " delimited
![Page 5: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/5.jpg)
Cookie sizecookie size
(bytes)comments
aol.com 494 "stay signed in" checked
ebay.com 1038 "keep me signed in" checked
facebook.com 990 "remember me" checked
google.com/search 417 logged in to iGoogle and YouTube
search.live.com/results 1938
"remember me" and "remember my password"
checked
msn.com 1063 logged in thru search.live.com
myspace.com 2027 "remember me" checked
en.wikipedia.org/wiki 134 "remember me" checked
yahoo.com 677 "keep me signed in" checked
youtube.com 597 also logged in to iGoogleNovember 2008total size of all cookies
![Page 6: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/6.jpg)
Cookie impact
http://yuiblog.com/blog/2007/03/01/performance-research-part-3/
cookies on static resources multiplies the delaylargest packet MTU (Maximum Transmission Unit) for Ethernet: 1500 bytes
cookie size response time delta500 bytes 1 ms
1000 bytes 16 ms1500 bytes 31 ms2000 bytes 47 ms2500 bytes 63 ms3000 bytes 78 ms
![Page 7: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/7.jpg)
Live Search cookies senthttp://search.live.com/results.aspx?q=flowers http://search.live.com/.../brand_c.css http://search.live.com/.../serp_c.css http://search.live.com/.../scopebar2_c.css http://search.live.com/.../answerAll_c.css http://search.live.com/.../asset4.gif http://search.live.com/.../cbcoin.gif http://search.live.com/.../main.js
seven static resources contain the Cookie request header (1938 bytes), even though cookies don't affect the response
7 x 1938 bytes = 13.5K (upstream!)
![Page 8: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/8.jpg)
Static resource cookie size
cookie size (bytes)
static resources on same domain
wasted bytes
aol.com 494 2 988
ebay.com 1038 0 0
facebook.com 990 2 1980
google.com/search 417 5 2085
search.live.com/results 1938 7 13,566
msn.com 1063 1 1063
myspace.com 2027 2 4,054
en.wikipedia.org/wiki 134 8 1072
yahoo.com 677 0 0
youtube.com 597 1 597November 2008
worse on sites without CDN?
![Page 9: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/9.jpg)
cookie-free static contenttakeaway: serve static content without cookies• different domain (rule 2 – use a CDN)• different path ("/app" versus "/images")
![Page 10: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/10.jpg)
Cookie expirationlong expirations are handled differently for HTTP resources versus cookies:• avoid cached resources by removing the reference
or changing the name• cookies are always sent, regardless of HTML
content• server can't see domain, path, and expiration
it's hard to avoid cookies with long expirations
![Page 11: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/11.jpg)
Cookie expirationcookie size
(bytes)avg expires
(months)
aol.com 494 13
ebay.com 1038 27
facebook.com 990 1
google.com/search 417 122
search.live.com/results 1938 201
msn.com 1063 175
myspace.com 2027 92
en.wikipedia.org/wiki 134 1
yahoo.com 677 231
youtube.com 597 62
November 2008
average expiration time across all persistent cookies
![Page 12: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/12.jpg)
Reduce cookie weightuse session-based cookies when possibleuse short expirations in other casesavoid using cookies instead of a user databaseset domain and path as tight as possibletrack and purge cookies – maintain a cookie whitelist and remove outsiders
Set-Cookie:_MSNPPAuth=;_domain= .live.com; path=/;
![Page 13: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/13.jpg)
Cookie questionsmax size for a single cookiemax total size for all cookies
for a single domainacross all domains
max # of cookiesfor a single domainacross all domains
how cookies are purgedFIFOLIFO
contact me if you'd like to do this study
![Page 14: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/14.jpg)
"www" redirectshow should "www" work for yourdomain.com?http://yourdomain.com/ redirects to http://www.yourdomain.com/• slower (redirect)
both work• cookies
‐ cookies issued on yourdomain.com go to subdomains‐ cookies issued on www.yourdomain.com don't go to
yourdomain.com• avoid caching two copies of each resource
‐ http://yourdomain.com/logo.gif‐ http://www.yourdomain.com/logo.gif
![Page 15: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/15.jpg)
redirect cookie domain
aol.com yes .aol.com
ebay.com yes .ebay.com
facebook.com yes .facebook.com
google.com yes .google.com
live.com yes .live.com
msn.com yes .msn.com
myspace.com yes .myspace.com
wikipedia.org no .wikipedia.org
yahoo.com yes .yahoo.com
youtube.com yes .youtube.com
Top 10 "www" redirects
November 2008
cookie domain is not the reason for redirecting
![Page 16: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/16.jpg)
Two copies of resourcesif Wikipedia doesn't redirect, how do they avoid downloading two copies of resources?
different domain for resources:http://wikipedia.org/http://upload.wikimedia.org/.../174px-Wikipedia-word.pnghttp://upload.wikimedia.org/.../Bookshelf-40x20.png
what about resources on document's server?• relative URLs – shorter but two copies• full URLs – longer but single copy• BASE HREF – short and single copy (but how come
no one uses this?)
recommendation: don't redirect for "www"
![Page 17: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/17.jpg)
Homework12/1 11:59pm – Assignment #6 - Improving a Top Site• rules 11-14• Vol 2:
‐ Split the Initial Payload‐ Load Scripts Without Blocking‐ Don't Scatter Inline Scripts‐ Shard Dominant Domains‐ Optimize Images
![Page 18: CS193H: High Performance Web Sites Lecture 23: Vol 2 – Make static content cookie- free, Reduce cookie weight, To WWW or not to WWW Steve Souders Google](https://reader035.vdocument.in/reader035/viewer/2022062618/55146604550346284e8b5b35/html5/thumbnails/18.jpg)
QuestionsWhat are cookies used for? How does the browser decide which cookies to send? When does it stop sending a cookie? What's a session-based cookie and how do you create one?Why is it wasteful to send cookies on requests for static resources, and how can it be avoided?Why are long expiration dates more problematic for cookies than HTTP resources?What are techniques for reducing cookie weight?What are the choices for handling "www"? List the pros and cons, and recommended solution.