We use cookies to ensure you get the best experience on our website
Startsida Utforska Hjälp
Registrera dig Logga in
0ct0pu5
/
YellowLabTools
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Bläddra i källkod

New metrics: old HTTP and TLS protocols

Gaël Métais 4 år sedan
förälder
ffd9efeb98
incheckning
9aea4e5677
7 ändrade filer med 52 tillägg och 137 borttagningar
Delad Vy Visa Diff Statistik
  1. 8 0
      front/src/views/rule.html
  2. 38 18
      lib/metadata/policies.js
  3. 3 5
      lib/metadata/scoreProfileGeneric.json
  4. 2 1
      lib/rulesChecker.js
  5. 0 6
      lib/runner.js
  6. 0 105
      lib/tools/isHttp2.js
  7. 1 2
      package.json

+ 8 - 0
front/src/views/rule.html
Visa fil 

@@ -175,6 +175,14 @@
 
                         <url-link url="offender.url" max-length="70"></url-link>
 
                         ({{offender.size | bytes}})
 
                     </div>
 
+
 
+                    <div ng-if="policyName === 'httpVersion'">
 
+                        <b>{{offender.domain}}</b> receives <span ng-class="offender.requests > 4 ? 'offenderProblem' : ''"><b><ng-pluralize count="offender.requests" when="{'one':'1 request','other':'{} requests'}"></ng-pluralize></b></span> over {{offender.httpVersion}}
 
+                    </div>
 
+
 
+                    <div ng-if="policyName === 'oldTlsProtocol'">
 
+                        <b>{{offender.domain}}</b> uses {{offender.tlsVersion}} <span ng-if="offender.beforeDomReady === true" class="offenderProblem">and seems to be on the critical path</span>
 
+                    </div>
 
                 </div>
 
             </div>
 
         </div>

+ 38 - 18
lib/metadata/policies.js
Visa fil 

@@ -927,35 +927,55 @@ var policies = {
 
             return offenders;
 
         }
 
     },*/
 
-    "http2": {
 
-        "label": "HTTP/2 or SPDY",
 
-        "message": "<p>HTTP/2 is the latest version of the HTTP protocol and is designed to optimize load speed. SPDY is deprecated but still very well supported.</p><p>The latest versions of all major browsers are now compatible. The difficulty is on the server side, where technologies are not quite ready yet.</p>",
 
+    "oldHttpProtocol": {
 
+        "label": "HTTP/1 requests",
 
+        "message": "<p>HTTP/2 is the latest version of the HTTP protocol. It is designed to optimize load speed. HTTP/3 will come soon and should be even faster!</p><p>When a domain sends more than 4 requests over HTTP/1, this metric counts one point for each new request. Below 5 requests, the benefits of HTTP/2 are generally less significant.</p>",
 
         "hasOffenders": true,
 
         "scoreFn": function(data) {
 
-            if (!data.toolsResults.http2) {
 
-                return null;
 
+            var count = 0;
 
+
 
+            var offenders = data.toolsResults.phantomas.offenders.oldHttpProtocol;
 
+
 
+            if (offenders) {
 
+                offenders.forEach(function(offender) {
 
+                    if (offender.requests > 4) {
 
+                        count += offender.requests - 4;
 
+                    }
 
+                });    
             }
 
 
-            var isHttp2 = data.toolsResults.http2.metrics.http2;
 
+            var isOkThreshold = 0;
 
+            var isBadThreshold = 25;
 
+            var isAbnormalThreshold = 100;
 
 
+            var score = (isBadThreshold - count) * 100 / (isBadThreshold - isOkThreshold);
 
+            var abnormalityScore = (isAbnormalThreshold - count) * 100 / (isAbnormalThreshold - isOkThreshold);
 
+            
+            
             var result = {
 
-                value: isHttp2 ? 'Yes' : 'No',
 
-                score: isHttp2 ? 100 : 0,
 
-                bad: !isHttp2,
 
-                abnormal: false,
 
-                abnormalityScore: 0
 
+                value: count,
 
+                score: Math.min(Math.max(Math.round(score), 0), 100),
 
+                bad: count > isBadThreshold,
 
+                abnormal: count > isAbnormalThreshold,
 
+                abnormalityScore: Math.min(Math.round(abnormalityScore), 0),
 
+                offendersObj: {
 
+                    count: data.toolsResults.phantomas.metrics.oldHttpProtocol,
 
+                    list: data.toolsResults.phantomas.offenders.oldHttpProtocol || []
 
+                }
 
             };
 
 
-            if (data.toolsResults.http2.offenders) {
 
-                result.offendersObj = {
 
-                    count: data.toolsResults.http2.offenders.http2.length,
 
-                    list: data.toolsResults.http2.offenders.http2
 
-                };
 
-            }
 
-
 
             return result;
 
         }
 
     },
 
+    "oldTlsProtocol": {
 
+        "tool": "phantomas",
 
+        "label": "Old TLS protocols",
 
+        "message": "<p>Counts the number of domains that use TLS versions < 1.3. This is the latest version and it includes a faster \"handshake\" technology.</p><p>The 1.0 and 1.1 versions are deprecated because they are unsafe, switch to 1.2 or above as soon as possible.</p><p>The version 1.3 includes an even faster option called 0-RTT, check your server compatibility on <a href='https://www.ssllabs.com/ssltest/' target=\"_blank\">SSL Labs</a>.</p>",
 
+        "isOkThreshold": 0,
 
+        "isBadThreshold": 5,
 
+        "isAbnormalThreshold": 15,
 
+        "hasOffenders": true
 
+    },
 
     "cachingDisabled": {
 
         "tool": "phantomas",
 
         "label": "Caching disabled",

+ 3 - 5
lib/metadata/scoreProfileGeneric.json
Visa fil 

@@ -53,9 +53,7 @@
 
             "label": "jQuery",
 
             "policies": {
 
                 "jQueryVersion": 2,
 
-                "jQueryVersionsLoaded": 2,
 
-                "jQueryCallsOnEmptyObject": 1,
 
-                "jQueryNotDelegatedEvents": 1
 
+                "jQueryVersionsLoaded": 2
 
             }
 
         },
 
         "cssComplexity": {
 
@@ -95,7 +93,8 @@
 
         "serverConfig": {
 
             "label": "Server config",
 
             "policies": {
 
-                "http2": 2,
 
+                "oldHttpProtocol": 2,
 
+                "oldTlsProtocol": 2,
 
                 "closedConnections": 2,
 
                 "cachingNotSpecified": 1,
 
                 "cachingDisabled": 1,
 
@@ -110,7 +109,6 @@
 
         "javascriptComplexity": 2,
 
         "badJavascript": 2,
 
         "jQuery": 1,
 
-        "cssSyntaxError": 1,
 
         "cssComplexity": 1,
 
         "badCSS": 1,
 
         "fonts": 1,

+ 2 - 1
lib/rulesChecker.js
Visa fil 

@@ -111,7 +111,8 @@ var RulesChecker = function() {
 
                 if (rule) {
 
                     rule.policy = {
 
                         label: policy.label,
 
-                        message: policy.message
 
+                        message: policy.message,
 
+                        hasOffenders: policy.hasOffenders || false
 
                     };
 
 
                     results[metricName] = rule;

+ 0 - 6
lib/runner.js
Visa fil 

@@ -5,7 +5,6 @@ var phantomasWrapper        = require('./tools/phantomas/phantomasWrapper');
 
 var colorDiff               = require('./tools/colorDiff');
 
 var domAccessAgregator      = require('./tools/domAccessAgregator');
 
 var mediaQueriesChecker     = require('./tools/mediaQueriesChecker');
 
-var isHttp2                 = require('./tools/isHttp2');
 
 var redownload              = require('./tools/redownload/redownload');
 
 var rulesChecker            = require('./rulesChecker');
 
 var scoreCalculator         = require('./scoreCalculator');
 
@@ -42,11 +41,6 @@ var Runner = function(params) {
 
 
     })
 
 
-    .then(function(data) {
 
-        // Check if HTTP2
 
-        return isHttp2.check(data);
 
-    })
 
-
 
     .then(function(data) {
 
 
         // Rules checker

+ 0 - 105
lib/tools/isHttp2.js
Visa fil 

@@ -1,105 +0,0 @@
 
-var debug   = require('debug')('ylt:isHttp2');
 
-var url     = require('url');
 
-var Q       = require('q');
 
-var http2   = require('is-http2');
 
-
 
-var isHttp2 = function() {
 
-    'use strict';
 
-
 
-    this.check = function(data) {
 
-        debug('Starting to check for HTTP2 support...');
 
-
 
-        return this.checkHttp2(data)
 
-
 
-            .then(function(result) {
 
-
 
-                if (result.isHttp) {
 
-                    debug('The website is not even in HTTPS');
 
-
 
-                    data.toolsResults.http2 = {
 
-                        metrics: {
 
-                            http2: false
 
-                        }
 
-                    };
 
-
 
-                } else if (result.isHttp2) {
 
-                    debug('HTTP/2 (or SPDY) is supported');
 
-
 
-                    data.toolsResults.http2 = {
 
-                        metrics: {
 
-                            http2: true
 
-                        }
 
-                    };
 
-                
-                } else {
 
-                    debug('HTTP/2 is not supported');
 
-                    
-                    data.toolsResults.http2 = {
 
-                        metrics: {
 
-                            http2: false
 
-                        }
 
-                    };
 
-                }
 
-
 
-                // Add the supported protocols as offenders
 
-                if (result.supportedProtocols) {
 
-                    debug('Supported protocols: ' + result.supportedProtocols.join(' '));
 
-                    data.toolsResults.http2.offenders = {
 
-                        http2: result.supportedProtocols
 
-                    };
 
-                }
 
-
 
-                debug('End of HTTP2 support check');
 
-
 
-                return data;
 
-            })
 
-
 
-            .fail(function() {
 
-                return data;
 
-            });
 
-    };
 
-
 
-    this.getParsedUrl = function(data) {
 
-        return url.parse(data.toolsResults.phantomas.url);
 
-    };
 
-
 
-    this.getProtocol = function(data) {
 
-        return this.getParsedUrl(data).protocol;
 
-    };
 
-
 
-    this.getDomain = function(data) {
 
-        return this.getParsedUrl(data).hostname;
 
-    };
 
-
 
-    this.checkHttp2 = function(data) {
 
-        var deferred = Q.defer();
 
-
 
-        // Check if it's HTTPS first
 
-        if (this.getProtocol(data) === 'http:') {
 
-            
-            deferred.resolve({
 
-                isHttp: true
 
-            });
 
-
 
-        } else {
 
-
 
-            // To make is-http2 work, you need to have openssl in a version greater than 1.0.0 installed and available in your $path.
 
-            http2(this.getDomain(data), {includeSpdy: true})
 
-
 
-                .then(function(result) {
 
-                    deferred.resolve(result);
 
-                })
 
-                
-                .catch(function(error) {
 
-                    debug('Error while checking HTTP2 support:');
 
-                    debug(error);
 
-                    deferred.reject('Error while checking for HTTP2 support');
 
-                });
 
-
 
-        }
 
-
 
-        return deferred.promise;
 
-    };
 
-};
 
-
 
-module.exports = new isHttp2();

+ 1 - 2
package.json
Visa fil 

@@ -48,7 +48,6 @@
 
     "imagemin-svgo": "7.0.0",
 
     "is-eot": "1.0.0",
 
     "is-gif": "3.0.0",
 
-    "is-http2": "1.2.0",
 
     "is-jpg": "2.0.0",
 
     "is-otf": "0.1.2",
 
     "is-png": "1.1.0",
 
@@ -62,7 +61,7 @@
 
     "meow": "5.0.0",
 
     "minimize": "2.2.0",
 
     "parse-color": "1.0.0",
 
-    "phantomas": "2.0.0",
 
+    "phantomas": "github:macbre/phantomas#devel",
 
     "ps-node": "0.1.6",
 
     "q": "1.5.1",
 
     "request": "2.88.0",

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5