Advantages And Down sides Of Optimisation Techniques

We have to work with different ways to optimise our website. Our main emphasis will be on how to reduce how big is the website and script execution time. This, in turn, will definitely increase the individual experience as well as reduce the fill on the servers. The images and graphical interfaces occupy the utmost safe-keeping size on the webpage. Therefore we have to compress the images and the scripts in a powerful manner that will not affect functionality and quality of the website. First we have to simplify the look of the web site, reducing the number of HTTP demands. JavaScript and CSS can be minified by detatching commentary and space individuals from the code. Furthermore we can make java script and CSS external which is often cached by the browser. Post Weight and Pre Load components can be establish, which will make the user experience better by initially loading the top content and then loading the remaining content. In the end we can optimise loops which will reduce the script execution time.

Specific Optimisation Techniques to be utilized for the Website

The different optimisation techniques are:

Minimise HTTP requests

Add an expiry or a cache control header

Put scripts at the bottom

Remove duplicate scripts

Make Ajax cacheable

Post insert components

Pre load components

Make JavaScript and CSS external

Reduce DNS Lookups

Minimise HTTP requests

The most the time used when a webpage is loading is because HTTP requests. Reducing the number of components will thus reduce the variety of HTTP requests necessary to render the page. This is the key to faster launching pages.

Combined documents are a way to reduce the quantity of HTTP demands by merging all scripts into a single script, and in the same way incorporating all CSS into an individual stylesheet.

Discussing the decisions for every page

We will use some techniques which will be applicable on all the internet pages. Style bed sheets will be positioned at the top and scripts in the bottom of the web site. AJAX, JavaScript and CSS made cacheable. CDN servers will be utilized and redirects, 404 problems, and empty image source avoided.

GET will be used for AJAX demands and also make successful use of pre and post insert components. The complete JavaScript code and CSS will be minified.

The Home page is the one which should be fast, attractive and interactive. The Home page can make the rapport of your website. To make it attractive we need to use different images, CSS, visual interfaces and flash content. Images and visual interfaces are bigger in proportions so we will level them and make an effort to convert them into a more suited format such as Lightweight Network Images (. png).

The user's login site, discussion web page, upload site and modify page will be easier than website nonetheless they will contain tons of videos and images with the information. Thus, we can just remove the white space individuals using their company code reducing the size of the web site and optimising the images. Videos are too big in size so we won't upload it on our server. We will use YouTube or other free video recording upload sites and embed the hyperlink on our web site.

Product Catalogue will contain all the images of the merchandise that can be looked and sorted by category and brands. The loops will be optimised for faster search and sorting.

Business information, current employees and product information will support the detailed textual information with images of what we do, what we sell and who works in our company. All of this information is static, so we will cache the information and optimise the images.

Q2. Client area security issues are an extremely important component of any web-based program.

Introduction

Client area security is one of the most important topics in internet security. All the information which has been downloaded from servers is stored on the client's machine. All the site preferences as well as your login details are stored as cookies on the local machine and we have to keep those data files safe from hackers. We use different antiviruses and firewalls on the neighborhood machine, nonetheless they are not as reliable as they must be.

JavaScript and AJAX are the most vulnerable dialects for the majority of the existing web-based exploits like Trojans, infections, etc. [1]

(Uta Priss, 2012, Advanced Client-Side Security:What many users have no idea, From http://www. upriss. org. uk/awt/lec4a. pdf)

In this document we can look at the major dangers, type of customer side attacks plus some approaches for minimising those hazards.

Problem Domain

Nowadays internet is a basic necessity of daily life. Our company is so dependent on internet these days. Everything from paying our electric bills to international business meetings we do online. All our standard bank details are on our local machine which is susceptible to hackers. Because of this do we need a secure system to work securely online. If we use internet our local system stores the info from the server which contains your requirements, form data and the history of the webpages you looked at.

How do hackers operate. . ?

Hackers try to bypass the firewall and gain unacceptable usage of local web host resources. There are more chances to breach the security of the firewall when the hacker and the variety are on the same network because obtain resources originating within the network can be trusted more than request originating from beyond your network. (Bidgoli Hossein, Wiley John & Sons, (2006) Hanew Jersey, John Wiley & Sons)

Issues

One of the very most widely used dialects for web development, JavaScript, is not secure. JavaScript can be an open scripting vocabulary which means anyone can change it and change its function. The JavaScript security model attempts to protect the user from websites that may be malicious and is not made to protect the web site owner. It can't protect data delivered from the internet browser to the server and there are limitations on what the page writer can control via JavaScript whilst it is being carried out within the browser. The success of JavaScript is also nevertheless the reason attackers have targeted and leveraged the technology as a way to compromise the systems and reek untold grief for clients. JavaScript has been used to execute attacks that involve redirects, downloading of content, or even revealing information regarding a victim's system. [2] Now we will discuss some assault strategies such as XSS (Cross Site Scripting), CSRF (Mix Site Need Forgery) and introduce some prevention actions to improve the security of the website.

XSS

Cross-Site Scripting disorders are a type of injection problem, in which harmful scripts are injected into the otherwise benign and respected websites. Cross-site scripting (XSS) problems arise when an attacker uses a web program to send a harmful code, generally in the form of a browser area script, to a different end user. Imperfections that allow these problems to succeed are quite widespread and appear anywhere an online application uses type from a customer in the productivity it generates without validating or encoding it.

An attacker can use XSS to send a harmful script for an unsuspecting user. The end user's browser does not have any way to learn that the script should not be trusted, and can execute the script. Because it believes the script came from a trusted source, the destructive script can gain access to any cookies, time tokens, or other hypersensitive information retained from your web browser and used within that site. These scripts can even rewrite this content of the HTML page.

Prevention procedures:

Validate, filtration, and sanitise all input

Process end result response stream data through encoding

Many modern web browsers will attempt to identify an XSS strike and inform the user

CSRF

CSRF (Cross-Site Question Forgery) is an attack which causes an end user to execute unwanted actions on the web application where he/she is currently authenticated. With just a little help of cultural engineering (like sending a link via email/talk), an attacker may induce the users of a web application to execute activities of the attacker's choosing. A successful CSRF exploit can compromise end user data and operation regarding a normal customer. In case the targeted end user is the administrator consideration, this can bargain the whole web software.

Prevention steps:

Implement strong XSS mitigations

Use Tokens to verify expected user actions

Hidden form value fields

E. g. , RoR & ASP. Net MVC provide framework support

Use POST for just about any actions that alter data on server side

Is the idempotent web paradigm for HTTP GET affected?

Check HTTP Referrer

Most modern browsers include features to palliate the next attacks:

Phishing Attacks

Spyware

Malicious websites

Adware

Destruction or problem of data or configuration

Theft of settings information

Installation of malware

Theft of information and identification

(Oriyano Sean-Philip and Shimonsk Robert, (2012)Client Side Disorders and Protection, USA, Elsevier, Pg 130)

Conclusion

In overview, we mentioned the major consumer side scripting attacks, preventive measures and the most vulnerable languages. Client aspect scripting attacks work in taking the personal information of the user. However, if we play smart we can extenuate and avoid those attacks in the first place by causing some changes inside our firewall settings rather than clicking on dubious links. Prevention is definitely preferred over a cure for the issues being experienced for a normal individual in this unprotected web environment. As developers, we ought to make appropriate use of the AJAX orders and code the web site in such a way concerning make it more reliable and harder to improve. Finally, JavaScript is the most popular language and can stay so in arriving years. In light of this, we have to make useful use of the principal functions and the libraries to make it less vulnerable to attacks.

Also We Can Offer!

Other services that we offer

If you don’t see the necessary subject, paper type, or topic in our list of available services and examples, don’t worry! We have a number of other academic disciplines to suit the needs of anyone who visits this website looking for help.

How to ...

We made your life easier with putting together a big number of articles and guidelines on how to plan and write different types of assignments (Essay, Research Paper, Dissertation etc)