httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Doug McNutt <>
Subject Re: [users@httpd] Reducing js file sizes...
Date Mon, 23 Mar 2009 16:55:48 GMT
At 11:46 -0400 3/23/09, Brian Mearns wrote, and I snipped a bit:
>As long as we're on this topic, I'd like to step up on my soap box for
>a minute and beseech my fellow web developers to use minification
>thoughtfully. Reducing network traffic and speeding up load time is
>definitely a worthwhile goal, but we should always bear in mind that
>the web should be an open place to exchange ideas and techniques. Few
>things about web developing are more frustrating than seeing something
>cool on a person's page, and viewing the source only to find it's been
>minified to the point of obfuscation. If there are legitimate security
>concerns, then obviously that's a separate matter, but if the purpose
>is just minification, I think it'd be a real nice touch to precede the
>minified content with a brief comment indicating the URL for the
>original (unminified) source. Okay, I'll stop preaching now.

 From another point of view I am really frustrated by the way my banks 
and brokers use JavaScript in their login schemes. It appears that 
the goal is security through obfuscation which is never a good idea.

I like to automate downloads of bank balances and security positions 
in the early morning with a cron job. I typically use curl to access 
the site using my perfectly legal login name and password. With the 
likes of a perl script calling curl its usually easy to implement.

But when the programmers use JavaScript to create cookies that are 
modified in code before referring to an external - to them - site for 
some kind of pulse checking it does get to be a PITA. If I couldn't 
read their JavaScript I would be hard pressed to emulate what a 
browser does.

And programmers who use JavaScript to check each letter as it is 
typed in a way that makes it impossible even with a browser to copy 
and paste login information are enough to make me change brokers.

Minified for 2400 baud connections, perhaps. Make it optional but 
don't make my scripts even harder to prepare.

-> Stocks are getting pelloreid <-

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message