My fancy new website is broken due to a script blocking extension. I found this out when I showed a friend the Radial Blitz website. He complained that something was lacking. He turned on screen sharing to show me and sure enough my large screenshot slider was nowhere to be seen.
Garbage and bloat
I’ll take Twitter here as an example. I have the standard follow button on my blog (well, had, since I’ve replaced it now). This is a button which you can simply click to follow me on twitter. With the button in place I see a lot of data being loaded from twitter.com: ~100K in JS and ~150K in HTML. Half of that HTML looks like it’s a defect, as it appears to be the same resource loaded twice.
That’s 250K of data to transfer just to have a follow button!
I know that Facebook has a similar overload problem with their button. On PuzzlePuzzle.net I had to disable the Facebook widget because it was taking too long to load. These two simple social buttons were the primary reason the site was loading slowly. No wonder people want to disable this crap.
On my own projects I’ve noticed that these external requests slow down loading. I’ve seen the sites responding slowly, or not responding at all, including Google.
What bothers me the most is that it should be totally unnecessary. This is something that could be done entirely server-side. There’s no reason why my server couldn’t talk to Google Analytics and Chart Beat — aside from it not being an option in those services.
The proper solution here is of course for everybody to start using HTTPS.
The current approach to site security is to continually patch on ad hoc rules, restrictions, exceptions, and other nonsense. Clearly this will never work, and it’s just making it harder to write websites. CORs is a good example of this nonsense; I mentioned this in a previous article.
Until vendors provide a properly designed sandbox model the security problems are not going away. It’s not like it’d be very hard to build this model, it just happens to break the web. Well, it really only breaks the web for advertising and tracking networks, so our user wouldn’t likely be too upset.
As a website designer it’s a big problem for me though. HTML and CSS are simply not adequate for doing a lot of basic presentation. Used correctly, simple interactive features can provide a huge benefit to user experience. From simple hiding and revealing of information, to providing interactive forms that guide the user, or presenting voting and rating buttons for articles. I don’t imagine I’d much enjoy a web without these features.