Canonicalize javascript libraries

PageSpeed Optimization Filters

Benefits

Your web page loads faster when JQuery is preloaded in users' browser. Numerous web sites use common JavaScript libraries such as jQuery and jQuery UI. But when one library is stored on many sites, browsers end up re-downloading that library for each new site – a waste of time and bandwidth.

The canonicalize_javascript_libraries filter in PageSpeed finds such libraries on your site and replaces them with links to the equivalent libraries on ajax.googleapis.com. With the optimization, a browser will notice that your site is requesting the library from the same shared library provider as a previous site it visited, and will use the copy in its cache.

This optimizer spots external libraries using a hash signature using a configurable list of signatures stored in configuration.

Configuration

Enable pagespeed EnableFilters canonicalize_javascript_libraries
Disable pagespeed DisableFilters canonicalize_javascript_libraries

Requirements

Only complete, unmodified libraries referenced by <script> tags in the HTML will be rewritten. Libraries that are loaded by other means (for example by injecting a loader script) or that have been modified will not be canonicalized.

Risk Classification

Low

You must ensure that you abide by the terms of service of the providers of the canonical content before enabling canonicalization. The terms of service for the default configuration can be found at developers.google.com/speed/libraries/terms.

The canonical URL refers to a third-party domain; this can cause additional DNS lookup latency the first time a library is loaded. This is mitigated by the fact that the canonical copy of the data is shared among multiple sites.

The initial request for a canonical URL will contain a Referer: header with the URL of the referring page. This permits the host of the canonical content to see a subset of traffic to your site (the first load of a page on your site that contains an identified library by a browser that does not already have that library in its cache). The provider should describe how this data is used in its terms of service. The terms of service for the default configuration can be found at developers.google.com/speed/libraries/terms. Again, this risk is mitigated by the fact that canonical libraries are shared among multiple sites; a popular library is likely to already reside in the browser cache.

Sites serving content on both http and https URLs must use protocol-relative canonical URLs as shown in the example above. Fetching a library insecurely from a secure page exposes a site to attack. Fetching a library securely from an ordinary page can increase load time due to SSL overheads.

It is theoretically possible to craft a JavaScript file whose minified size and hash exactly match that of a canonical library, but whose code behaves differently. In such a case the library will be replaced with the canonical (widely-used) library. This will break the page that contains the reference to the crafted JavaScript.

Example

soon available