Socket
Socket
Sign inDemoInstall

coach-core

Package Overview
Dependencies
12
Maintainers
1
Versions
41
Alerts
File Explorer

Advanced tools

npm Scripts
License

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 6.0.0-beta.6 to 6.0.0-beta.7

2

dist/coach.js

@@ -1982,3 +1982,3 @@ (function() {

'url': document.URL,
'version': "6.0.0-beta.6"
'version': "6.0.0-beta.7"
};

@@ -1985,0 +1985,0 @@ })(util);

2

dist/coach.min.js

@@ -1,1 +0,1 @@

(function(){if("undefined"!=typeof window){"use strict";const e={getAbsoluteURL:function(e){const t=window.document.createElement("a");return t.href=e,t.href},getHostname:function(e){const t=window.document.createElement("a");return t.href=e,t.hostname},exists:function(e,t){return t.some((function(t){return t===e}))},caseInsensitiveAttributeValueFilter:function(e,t){return function(n){if((n.getAttribute(e)||"").toLowerCase()===t.toLowerCase())return n}},isHTTP2:function(){const t=e.getConnectionType().toLowerCase();return"h2"===t||t.startsWith("spdy")},isHTTP3:function(){return e.getConnectionType().toLowerCase().startsWith("h3")},getConnectionType:function(){if(window.performance.getEntriesByType("navigation")&&window.performance.getEntriesByType("navigation")[0]&&window.performance.getEntriesByType("navigation")[0].nextHopProtocol)return window.performance.getEntriesByType("navigation")[0].nextHopProtocol;if(window.performance&&window.performance.getEntriesByType&&window.performance.getEntriesByType("resource")){const t=window.performance.getEntriesByType("resource");if(t.length>1&&t[0].nextHopProtocol){const n=document.domain;for(let o=0,r=t.length;o<r;o++)if(n===e.getHostname(t[o].name))return t[o].nextHopProtocol}}return"unknown"},getSynchJSFiles:function(t){return Array.prototype.slice.call(t.getElementsByTagName("script")).filter((function(e){return!e.async&&e.src&&!e.defer})).map((function(t){return e.getAbsoluteURL(t.src)}))},getAsynchJSFiles:function(t){return Array.prototype.slice.call(t.getElementsByTagName("script")).filter((function(e){return e.async&&e.src})).map((function(t){return e.getAbsoluteURL(t.src)}))},getResourceHintsHrefs:function(e){return Array.prototype.slice.call(window.document.head.getElementsByTagName("link")).filter((function(t){return t.rel===e})).map((function(e){return e.href}))},getCSSFiles:function(t){return Array.prototype.slice.call(t.getElementsByTagName("link")).filter((function(e){return"stylesheet"===e.rel&&!e.href.startsWith("data:")})).map((function(t){return e.getAbsoluteURL(t.href)}))},plural:function(e,t){return e>1&&(t+="s"),`${e} ${t}`},getTransferSize:function(e){const t=window.performance.getEntriesByName(e,"resource");return 1===t.length&&"number"==typeof t[0].transferSize?t[0].transferSize:0}};return function(e){var t={},n={},o={},r={};try{o.charset=function(){"use strict";let e=100,t="";const n=document.characterSet;return null===n?(t="The page is missing a character set. If you use Chrome/Firefox we know you are missing it, if you use another browser, it could be an implementation problem.",e=0):"UTF-8"!==n&&(t="You are not using charset UTF-8?",e=50),{id:"charset",title:"Declare a charset in your document",description:"The Unicode Standard (UTF-8) covers (almost) all the characters, punctuations, and symbols in the world. Please use that.",advice:t,score:e,weight:2,offending:[],tags:["bestpractice"]}}()}catch(e){r.charset=e.message}try{o.doctype=function(){"use strict";let e=100,t="";const n=document.doctype;return null===n?(t="The page is missing a doctype. Please use <!DOCTYPE html>.",e=0):("html"!==n.name.toLowerCase()||""!==n.systemId&&"about:legacy-compat"!==n.systemId.toLowerCase())&&(t="Just do yourself a favor and use the HTML5 doctype declaration: <!DOCTYPE html>",e=25),{id:"doctype",title:"Declare a doctype in your document",description:"The <!DOCTYPE> declaration is not an HTML tag; it is an instruction to the web browser about what version of HTML the page is written in.",advice:t,score:e,weight:2,offending:[],tags:["bestpractice"]}}()}catch(e){r.doctype=e.message}try{o.language=function(){"use strict";const e=document.getElementsByTagName("html"),t=e[0].getAttribute("lang");let n=100,o="";return e.length>0?null===t&&(n=0,o='The page is missing a language definition in the HTML tag. Define it with <html lang="YOUR_LANGUAGE_CODE">'):(n=0,o="What! The page is missing the HTML tag!"),{id:"language",title:"Declare the language code for your document",description:"According to the W3C recommendation you should declare the primary language for each Web page with the lang attribute inside the <html> tag https://www.w3.org/International/questions/qa-html-language-declarations#basics.",advice:o,score:n,weight:3,offending:[],tags:["bestpractice"]}}()}catch(e){r.language=e.message}try{o.layoutShift=function(){"use strict";const e=[];let t="There is no Layout Shift on the page.",n=0;const o=PerformanceObserver.supportedEntryTypes;if(o&&-1!==o.indexOf("layout-shift")){const t=new PerformanceObserver((()=>{}));t.observe({type:"layout-shift",buffered:!0});for(let o of t.takeRecords())if(!o.hadRecentInput){n+=o.value;for(let t of o.sources)t.node&&t.node.currentSrc?e.push(t.node.currentSrc):t.node&&e.push(t.node.nodeName+" "+t.node.className)}}else t="Layout Shift is not supported in this browser";return{id:"layoutShift",title:"Cumulative Layout Shift",description:"Cumulative Layout Shift measures the sum total of all individual layout shift scores for every unexpected layout shift that occurs during the entire lifespan of the page. A layout shift occurs any time a visible element changes its position from one rendered frame to the next.",advice:n>0?"You have elements that shift. You should manually check the filmstrip or video and check if it will affect the user.":t,score:Math.round(Math.max(0,100-100*n)),weight:8,offending:e,tags:["bestpractice"]}}()}catch(e){r.layoutShift=e.message}try{o.metaDescription=function(e){"use strict";let t=100,n="",o=Array.prototype.slice.call(document.querySelectorAll("meta[name][content]"));o=o.filter(e.caseInsensitiveAttributeValueFilter("name","description"));const r=o.length>0?o[0].getAttribute("content"):"";return 0===r.length?(n="The page is missing a meta description.",t=0):r.length>155&&(n="The meta description is too long. It has "+r.length+" characters, the recommended max is 155",t=50),{id:"metaDescription",title:"Meta description",description:"Use a page description to make the page more relevant to search engines.",advice:n,score:t,weight:5,offending:[],tags:["bestpractice"]}}(e)}catch(e){r.metaDescription=e.message}try{o.optimizely=function(e){"use strict";const t=e.getSynchJSFiles(document.head),n=[];let o=100,r="";return t.forEach((function(t){"cdn.optimizely.com"===e.getHostname(t)&&(n.push(t),o=0,r="The page is using Optimizely. Use it with care because it hurts your performance. Only turn it on (= load the JavaScript) when you run your A/B tests. Then when you are finished make sure to turn it off.")})),{id:"optimizely",title:"Only use Optimizely when you need it",description:"Use Optimizely with care because it hurts your performance since JavaScript is loaded synchronously inside of the head tag, making the first paint happen later. Only turn on Optimzely (= load the javascript) when you run your A/B tests.",advice:r,score:o,weight:2,offending:n,tags:["bestpractice"]}}(e)}catch(e){r.optimizely=e.message}try{o.pageTitle=function(){"use strict";const e=document.title;let t=100,n="";return 0===e.length?(n="The page is missing a title.",t=0):e.length>60&&(n="The title is too long by "+(e.length-60)+" characters. The recommended max is 60",t=50),{id:"pageTitle",title:"Page title",description:"Use a title to make the page more relevant to search engines.",advice:n,score:t,weight:5,offending:[],tags:["bestpractice"]}}()}catch(e){r.pageTitle=e.message}try{o.spdy=function(){"use strict";let t=100,n="";return-1!==e.getConnectionType().indexOf("spdy")&&(t=0,n="The page is using SPDY. Chrome dropped support for SPDY in Chrome 51. Change to HTTP/2 asap."),{id:"spdy",title:"EOL for SPDY in Chrome",description:"Chrome dropped supports for SPDY in Chrome 51, upgrade to HTTP/2 as soon as possible. The page has more users (browsers) supporting HTTP/2 than supports SPDY.",advice:n,score:t,weight:1,offending:[],tags:["bestpractice"]}}()}catch(e){r.spdy=e.message}try{o.url=function(){"use strict";const e=document.URL;let t=100,n="";return e.indexOf("?")>-1&&e.indexOf("jsessionid")>e.indexOf("?")&&(t=0,n="The page has the session id for the user as a parameter, please change so the session handling is done only with cookies. "),(e.match(/&/g)||[]).length>1&&(t-=50,n+="The page is using more than two request parameters. You should really rethink and try to minimize the number of parameters. "),e.length>100&&(t-=10,n+="The URL is "+e.length+" characters long. Try to make it less than 100 characters. "),(e.indexOf(" ")>-1||e.indexOf("%20")>-1)&&(t-=10,n+="Could the developer or the CMS be on Windows? Avoid using spaces in the URLs, use hyphens or underscores. "),{id:"url",title:"Have a good URL format",description:"A clean URL is good for the user and for SEO. Make them human readable, avoid too long URLs, spaces in the URL, too many request parameters, and never ever have the session id in your URL.",advice:n,score:t<0?0:t,weight:2,offending:[],tags:["bestpractice"]}}()}catch(e){r.url=e.message}t.bestpractice={adviceList:o},Object.keys(r).length>0&&(n.bestpractice=r);var i={},s={};try{i.amp=function(){"use strict";const e=document.getElementsByTagName("html")[0];return!!(e&&e.getAttribute("amp-version")||window.AMP)&&(e.getAttribute("amp-version")||!0)}()}catch(e){s.amp=e.message}try{i.browser=function(){"use strict";const{userAgent:e}=navigator;return e.includes("Firefox/")?"Firefox "+e.split("Firefox/")[1]:e.includes("Edg/")?"Edge "+e.split("Edg/")[1]:e.includes("Chrome/")?"Chrome "+e.match(/(Chrome)\/(\S+)/)[2]:e.includes("Safari/")?"Safari "+e.match(/(Version)\/(\S+)/)[2]:"Unknown"}()}catch(e){s.browser=e.message}try{i.connectionType=function(e){"use strict";return e.getConnectionType()}(e)}catch(e){s.connectionType=e.message}try{i.documentHeight=function(){"use strict";return Math.max(document.body.scrollHeight,document.body.offsetHeight,document.documentElement.clientHeight,document.documentElement.scrollHeight,document.documentElement.offsetHeight)}()}catch(e){s.documentHeight=e.message}try{i.documentTitle=function(){"use strict";return document.title}()}catch(e){s.documentTitle=e.message}try{i.documentWidth=function(){"use strict";return Math.max(document.body.scrollWidth,document.body.offsetWidth,document.documentElement.clientWidth,document.documentElement.scrollWidth,document.documentElement.offsetWidth)}()}catch(e){s.documentWidth=e.message}try{i.domDepth=function(){"use strict";function e(e){let t=0;if(e.parentNode)for(;e=e.parentNode;)t++;return t}const t=function(t){const n=t.getElementsByTagName("*");let o=n.length,r=0,i=0;for(;o--;){let t=e(n[o]);t>i&&(i=t),r+=t}return{avg:r/n.length,max:i}}(document);return{avg:Math.round(t.avg),max:t.max}}()}catch(e){s.domDepth=e.message}try{i.domElements=function(){"use strict";return document.getElementsByTagName("*").length}()}catch(e){s.domElements=e.message}try{i.generator=function(){"use strict";const e=document.querySelector('meta[name="generator"]');if(e)return e.getAttribute("content")}()}catch(e){s.generator=e.message}try{i.head=function(e){"use strict";return{jssync:e.getSynchJSFiles(document.head),jsasync:e.getAsynchJSFiles(document.head),css:e.getCSSFiles(document.head)}}(e)}catch(e){s.head=e.message}try{i.iframes=function(){"use strict";return document.getElementsByTagName("iframe").length}()}catch(e){s.iframes=e.message}try{i.localStorageSize=function(){"use strict";return function(e){if(e){const t=e.length||Object.keys(e).length;let n=0;for(let o=0;o<t;o++){const t=e.key(o),r=e.getItem(t);n+=t.length+r.length}return n}return 0}(window.localStorage)}()}catch(e){s.localStorageSize=e.message}try{i.metaDescription=function(){"use strict";const e=document.querySelector('meta[name="description"]'),t=document.querySelector('meta[property="og:description"]');return e?e.getAttribute("content"):t?t.getAttribute("content"):""}()}catch(e){s.metaDescription=e.message}try{i.networkConnectionType=function(){"use strict";return window.navigator.connection?window.navigator.connection.effectiveType:"unknown"}()}catch(e){s.networkConnectionType=e.message}try{i.resourceHints=function(e){"use strict";return{"dns-prefetch":e.getResourceHintsHrefs("dns-prefetch"),preconnect:e.getResourceHintsHrefs("preconnect"),prefetch:e.getResourceHintsHrefs("prefetch"),prerender:e.getResourceHintsHrefs("prerender")}}(e)}catch(e){s.resourceHints=e.message}try{i.responsive=function(){"use strict";let e=!0;const t=document.body.scrollWidth,n=window.innerWidth,o=document.body.children;for(var r in t>n&&(e=!1),o)o[r].scrollWidth>n&&(e=!1);return e}()}catch(e){s.responsive=e.message}try{i.scripts=function(){"use strict";return document.getElementsByTagName("script").length}()}catch(e){s.scripts=e.message}try{i.serializedDomSize=function(){"use strict";return document.body.innerHTML.length}()}catch(e){s.serializedDomSize=e.message}try{i.serviceWorker=function(){"use strict";return"serviceWorker"in navigator&&(!!navigator.serviceWorker.controller&&("activated"===navigator.serviceWorker.controller.state&&navigator.serviceWorker.controller.scriptURL))}()}catch(e){s.serviceWorker=e.message}try{i.sessionStorageSize=function(){"use strict";return function(e){const t=e.length||Object.keys(e).length;let n=0;for(let o=0;o<t;o++){const t=e.key(o),r=e.getItem(t);n+=t.length+r.length}return n}(window.sessionStorage)}()}catch(e){s.sessionStorageSize=e.message}try{i.userTiming=function(){"use strict";let e=0,t=0;return window.performance&&window.performance.getEntriesByType&&(t=window.performance.getEntriesByType("measure").length,e=window.performance.getEntriesByType("mark").length),{marks:e,measures:t}}()}catch(e){s.userTiming=e.message}try{i.windowSize=function(){"use strict";return(window.innerWidth||document.documentElement.clientWidth||document.body.clientWidth)+"x"+(window.innerHeight||document.documentElement.clientHeight||document.body.clientHeight)}()}catch(e){s.windowSize=e.message}t.info=i,Object.keys(s).length>0&&(n.info=s);var a={},c={};try{a.avoidScalingImages=function(e){"use strict";const t=[],n=Array.prototype.slice.call(document.getElementsByTagName("img"));let o=0,r="";for(let r=0,i=n.length;r<i;r++){const i=n[r];i.clientWidth+100<i.naturalWidth&&i.clientWidth>0&&(t.push(e.getAbsoluteURL(i.currentSrc)),o+=10)}return o>0&&(r=`The page has ${e.plural(o/10,"image")} that are scaled more than 100 pixels. It would be better if those images are sent so the browser don't need to scale them.`),{id:"avoidScalingImages",title:"Don't scale images in the browser",description:"It's easy to scale images in the browser and make sure they look good in different devices, however that is bad for performance! Scaling images in the browser takes extra CPU time and will hurt performance on mobile. And the user will download extra kilobytes (sometimes megabytes) of data that could be avoided. Don't do that, make sure you create multiple version of the same image server-side and serve the appropriate one.",advice:r,score:Math.max(0,100-o),weight:5,offending:t,tags:["performance","image"]}}(e)}catch(e){c.avoidScalingImages=e.message}try{a.cssPrint=function(e){"use strict";const t=[],n=document.getElementsByTagName("link");for(let o=0,r=n.length;o<r;o++)"print"===n[o].media&&t.push(e.getAbsoluteURL(n[o].href));const o=10*t.length;return{id:"cssPrint",title:"Do not load specific print stylesheets.",description:"Loading a specific stylesheet for printing slows down the page, even though it is not used. You can include the print styles inside your other CSS file(s) just by using an @media query targeting type print.",advice:t.length>0?`The page has ${e.plural(t.length,"print stylesheet")}. You should include that stylesheet using @media type print instead.`:"",score:Math.max(0,100-o),weight:1,offending:t,tags:["performance","css"]}}(e)}catch(e){c.cssPrint=e.message}try{a.fastRender=function(e){"use strict";const t=[],n=e.getCSSFiles(document.head),o=e.getSynchJSFiles(document.head),r=document.domain,i=[],s=e.getResourceHintsHrefs("preconnect").map((function(t){return e.getHostname(t)}));let a=0,c=0,u="",d=0;function h(n){const o=e.getHostname(n);o!==r?(t.push(n),e.exists(o,i)||(d+=e.exists(o,s)?5:10,i.push(o)),d+=5):(t.push(n),d+=5)}return e.isHTTP2()?(n.length>0&&(u="",n.forEach((function(n){e.getTransferSize(n)>14500&&(t.push(n),d+=5,a++,u+="The style "+n+" is larger than the magic number TCP window size 14.5 kB. Make the file smaller and the page will render faster. ")}))),o.length>0&&(d+=10*o.length,o.forEach((function(e){t.push(e),c++})),u+="Avoid loading synchronously JavaScript inside of head, you shouldn't need JavaScript to render your page! ")):e.isHTTP3()||(n.forEach((function(e){h(e)})),a=n.length,o.forEach((function(e){h(e)})),c=o.length),t.length>0&&(u+=`The page has ${e.plural(a,"render blocking CSS request")} and ${e.plural(c,"blocking JavaScript request")} inside of head.`),{id:"fastRender",title:"Avoid slowing down the critical rendering path",description:"The critical rendering path is what the browser needs to do to start rendering the page. Every file requested inside of the head element will postpone the rendering of the page, because the browser need to do the request. Avoid loading JavaScript synchronously inside of the head (you should not need JavaScript to render the page), request files from the same domain as the main document (to avoid DNS lookups) and inline CSS or use server push for really fast rendering and a short rendering path.",advice:u,score:Math.max(0,100-d),weight:10,offending:t,tags:["performance"]}}(e)}catch(e){c.fastRender=e.message}try{a.googletagmanager=function(){"use strict";var e=100;return window.google_tag_manager&&(e=0),{id:"googletagmanager",title:"Avoid using Google Tag Manager",description:"Google Tag Manager makes it possible for non tech users to add scripts to your page that will downgrade performance.",advice:0===e?"The page is using Google Tag Manager, this is a performance risk since non-tech users can add JavaScript to your page.":"",score:e,weight:5,offending:[],tags:["performance","js"]}}()}catch(e){c.googletagmanager=e.message}try{a.inlineCss=function(e){"use strict";const t=[],n=e.getCSSFiles(document.head),o=Array.prototype.slice.call(window.document.head.getElementsByTagName("style"));let r="",i=0;return e.isHTTP2()&&n.length>0&&o.length>0?(i+=5,r="The page has both inline CSS and CSS requests even though it uses a HTTP/2-ish connection. If you have many users on slow connections, it can be better to only inline the CSS. Run your own tests and check the waterfall graph to see what happens."):e.isHTTP2()&&o.length>0&&0===n.length?r+="The page has inline CSS and uses HTTP/2. Do you have a lot of users with slow connections on the site? It is good to inline CSS when using HTTP/2.":e.isHTTP2()&&n.length>0&&(r+="It is always faster for the user if you inline CSS instead of making a CSS request."),e.isHTTP3()?r="The page uses HTTP3. HTTP3 is (super) new and it is hard to say if inlined is good or not. The coach will improve the advice when there is a new best practice.":e.isHTTP2()||(n.length>0&&0===o.length&&(i+=10*n.length,r="The page loads "+e.plural(n.length,"CSS request")+" inside of head, try to inline the CSS for the first render and lazy load the rest.",t.push.apply(t,n)),o.length>0&&n.length>0&&(i+=10,r+="The page has both inline styles as well as it is requesting "+e.plural(n.length,"CSS file")+" inside of the head. Let's only inline CSS for really fast render.",t.push.apply(t,n))),{id:"inlineCss",title:"Inline CSS for faster first render",description:"In the early days of the Internet, inlining CSS was one of the ugliest things you can do. That has changed if you want your page to start rendering fast for your user. Always inline the critical CSS when you use HTTP/1 and HTTP/2 (avoid doing CSS requests that block rendering) and lazy load and cache the rest of the CSS. It is a little more complicated when using HTTP/2. Does your server support HTTP push? Then maybe that can help. Do you have a lot of users on a slow connection and are serving large chunks of HTML? Then it could be better to use the inline technique, becasue some servers always prioritize HTML content over CSS so the user needs to download the HTML first, before the CSS is downloaded.",advice:r,score:Math.max(0,100-i),weight:7,offending:t,tags:["performance","css"]}}(e)}catch(e){c.inlineCss=e.message}try{a.jquery=function(e){"use strict";const t=[];if("function"==typeof window.jQuery){let e=window.$;t.push(window.jQuery.fn.jquery);let n=window.jQuery;for(;n.fn&&n.fn.jquery&&(n=window.jQuery.noConflict(!0),window.jQuery&&window.jQuery.fn)&&n.fn.jquery!==window.jQuery.fn.jquery;)t.push(window.jQuery.fn.jquery);window.$=e}return{id:"jquery",title:"Avoid using more than one jQuery version per page",description:"There are sites out there that use multiple versions of jQuery on the same page. You shouldn't do that because the user will then unnecessarily download extra data. Cleanup the code and make sure you only use one version.",advice:t.length>1?"The page uses "+e.plural(t.length,"version")+" of jQuery! You only need one version, please remove the unnecessary version(s).":"",score:t.length>1?0:100,weight:4,offending:t,tags:["jQuery","performance"]}}(e)}catch(e){c.jquery=e.message}try{a.longTasks=function(e){"use strict";const t=[];let n=0,o=0,r="The page do not have any CPU Long Tasks.";const i=PerformanceObserver.supportedEntryTypes;if(i&&-1!==i.indexOf("longtask")){const e=new PerformanceObserver((()=>{}));e.observe({type:"longtask",buffered:!0});for(let r of e.takeRecords())n+=20,o+=r.duration,t.push(r.name)}else r="The Long Task API is not supported in this browser.";return{id:"longTasks",title:"Avoid CPU Long Tasks",description:'Long CPU tasks locks the thread. To the user this is commonly visible as a "locked up" page where the browser is unable to respond to user input; this is a major source of bad user experience on the web today. However the CPU Long Task is depending on the computer/phones actual CPU speed, so you should measure this on the same type of the device that your user is using.',advice:t.length>0?"The page has "+e.plural(t.length,"CPU long task")+" with the total of "+o.toFixed(0)+" ms. However the CPU Long Task is depending on the computer/phones actual CPU speed, so you should measure this on the same type of the device that your user is using. Use Geckoprofiler for Firefox or Chromes tracelog to debug your Long Task.":r,score:Math.max(0,100-n),weight:8,offending:t,tags:["performance","js"]}}(e)}catch(e){c.longTasks=e.message}try{a.spof=function(e){"use strict";const t=[],n=[],o=document.domain,r=e.getCSSFiles(document.head);let i=0;r.forEach((function(r){const s=e.getHostname(r);s!==o&&(t.push(r),-1===n.indexOf(s)&&(n.push(s),i+=10))}));return e.getSynchJSFiles(document.head).forEach((function(r){const s=e.getHostname(r);s!==o&&(t.push(r),-1===n.indexOf(s)&&(n.push(s),i+=10))})),{id:"spof",title:"Avoid Frontend single point of failures",description:"A page can be stopped from loading in the browser if a single JavaScript, CSS, and in some cases a font, couldn't be fetched or is loading really slowly (the white screen of death). That is a scenario you really want to avoid. Never load 3rd-party components synchronously inside of the head tag.",advice:t.length>0?"The page has "+e.plural(t.length,"request")+" inside of the head that can cause a SPOF (single point of failure). Load them asynchronously or move them outside of the document head.":"",score:Math.max(0,100-i),weight:7,offending:t,tags:["performance","css","js"]}}(e)}catch(e){c.spof=e.message}try{a.thirdPartyAsyncJs=function(e){"use strict";const t=["ajax.googleapis.com","apis.google.com",".google-analytics.com","connect.facebook.net","platform.twitter.com","code.jquery.com","platform.linkedin.com",".disqus.com","assets.pinterest.com","widgets.digg.com",".addthis.com","code.jquery.com","ad.doubleclick.net",".lognormal.com","embed.spotify.com"];function n(n){const o=e.getHostname(n);let r;for(let e=0,n=t.length;e<n;e++)if(r=new RegExp(t[e]),r.test(o))return!0;return!1}let o=0;const r=[],i=e.getSynchJSFiles(document);for(let e=0,t=i.length;e<t;e++)n(i[e])&&(r.push(i[e]),o+=10);return{id:"thirdPartyAsyncJs",title:"Always load third-party JavaScript asynchronously",description:"Use JavaScript snippets that load the JS files asynchronously in order to speed up the user experience and avoid blocking the initial load.",advice:r.length>0?"The page has "+e.plural(r.length,"synchronous 3rd-party JavaScript request")+". Change it to be asynchronous instead.":"",score:Math.max(0,100-o),weight:5,offending:r,tags:["performance","js"]}}(e)}catch(e){c.thirdPartyAsyncJs=e.message}t.performance={adviceList:a},Object.keys(c).length>0&&(n.performance=c);var u={},d={};try{u.ampPrivacy=function(){"use strict";const e=document.getElementsByTagName("html")[0];let t=100;return(e&&e.getAttribute("amp-version")||window.AMP)&&(t=0),{id:"ampPrivacy",title:"Avoid including AMP",description:"You share share private user information with Google that your user hasn't agreed on sharing.",advice:0===t?"The page is using AMP, that makes you share private user information with Google.":"",score:t,weight:8,offending:[],tags:["privacy"]}}()}catch(e){d.ampPrivacy=e.message}try{u.facebook=function(){"use strict";let e=100;return window.FB&&(e=0),{id:"facebook",title:"Avoid including Facebook",description:"You share share private user information with Facebook that your user hasn't agreed on sharing.",advice:0===e?"The page gets content from Facebook. That means you share your users private information with Facebook.":"",score:e,weight:8,offending:[],tags:["privacy"]}}()}catch(e){d.facebook=e.message}try{u.fingerprint=function(){"use strict";let e=100;return(window.FingerprintJS||window.Fingerprint2)&&(e=0),{id:"fingerprint",title:"Do not fingerprint your user.",description:'Fingerprinting consists of collecting different kinds of information about the user with the goal of building a unique "fingerprint" for them. Different types of fingerprinting are used on the web by trackers. Browser fingerprinting use characteristics specific to the browser of the user, relying on the fact that the chance of another user having the exact same browser set-up is fairly small if there are a large enough number of variables to track',advice:0===e?"The page uses https://fingerprintjs.com to fingerprint the user.":"",score:e,weight:8,offending:[],tags:["privacy"]}}()}catch(e){d.fingerprint=e.message}try{u.ga=function(){"use strict";let e=100;return window.ga&&window.ga.create&&(e=0),{id:"ga",title:"Avoid using Google Analytics",description:"Google Analytics share private user information with Google that your user hasn't agreed on sharing.",advice:0===e?"The page is using Google Analytics meaning you share your users private information with Google. You should use analytics that care about user privacy, something like https://matomo.org.":"",score:e,weight:8,offending:[],tags:["privacy"]}}()}catch(e){d.ga=e.message}try{u.https=function(){"use strict";let e=100,t="";return-1===document.URL.indexOf("https://")&&(e=0,t="What!! The page is not using HTTPS. Every unencrypted HTTP request reveals information about user’s behavior, read more about it at https://https.cio.gov/everything/. You can get a totally free SSL/TLS certificate from https://letsencrypt.org/."),{id:"https",title:"Serve your content securely",description:"A page should always use HTTPS (https://https.cio.gov/everything/). You also need that for HTTP/2. You can get your free SSL/TLC certificate from https://letsencrypt.org/.",advice:t,score:e,weight:10,offending:[],tags:["privacy"]}}()}catch(e){d.https=e.message}try{u.surveillance=function(){"use strict";const e=document.domain,t=[],n=[".google.","facebook.com","youtube.","yahoo.com"];let o=100;for(var r=0;r<n.length;r++)e.indexOf(n[r])>-1&&(o=0,t.push(e));return{id:"surveillance",title:"Avoid using surveillance web sites",description:"Do not use web sites that harvest private user information and sell it to other companies. See https://en.wikipedia.org/wiki/Surveillance_capitalism",advice:0===o?e+" harvest user information and sell it to other companies without the users agreement. That is not OK.":"",score:o,weight:10,offending:t,tags:["privacy"]}}()}catch(e){d.surveillance=e.message}try{u.youtube=function(){"use strict";let e=100;return window.YT&&(e=0),{id:"youtube",title:"Avoid including Youtube videos",description:"If you include Youtube videos on your page, you are sharing private user information with Google.",advice:0===e?"The page is including code from Youtube. You share user private information with Google. Instead you can host a video screenshot and let the user choose to go to Youtube or not, by clicking on the screenshot. You can look at http://labnol.org/?p=27941 and make sure you host your screenshot yourself. Or choose another video service.":"",score:e,weight:6,offending:[],tags:["privacy"]}}()}catch(e){d.youtube=e.message}t.privacy={adviceList:u},Object.keys(d).length>0&&(n.privacy=d);var h={},l={};try{h.elementTimings=function(){"use strict";const e=PerformanceObserver.supportedEntryTypes;if(!e||-1===e.indexOf("element"))return;const t=new PerformanceObserver((()=>{}));t.observe({type:"element",buffered:!0});const n=t.takeRecords(),o={};for(let e of n)o[e.identifier]={duration:e.duration,url:e.url,loadTime:Number(e.loadTime.toFixed(0)),renderTime:Number(e.renderTime.toFixed(0)),startTime:Number(e.startTime.toFixed(0)),naturalHeight:e.naturalHeight,naturalWidth:e.naturalWidth,tagName:e.element?e.element.tagName:""};return o}()}catch(e){l.elementTimings=e.message}try{h.fullyLoaded=function(){"use strict";if(window.performance&&window.performance.getEntriesByType){const e=window.performance.getEntriesByType("resource");let t=0;for(let n=1,o=e.length;n<o;n++)e[n].responseEnd>t&&(t=e[n].responseEnd);return t}return-1}()}catch(e){l.fullyLoaded=e.message}try{h.largestContentfulPaint=function(){"use strict";const e=PerformanceObserver.supportedEntryTypes;if(!e||-1===e.indexOf("largest-contentful-paint"))return;const t=new PerformanceObserver((()=>{}));t.observe({type:"largest-contentful-paint",buffered:!0});const n=t.takeRecords();if(n.length>0){const e=n[n.length-1];return{duration:e.duration,id:e.id,url:e.url,loadTime:Number(e.loadTime.toFixed(0)),renderTime:Number(Math.max(e.renderTime,e.loadTime).toFixed(0)),size:e.size,startTime:Number(e.startTime.toFixed(0)),tagName:e.element?e.element.tagName:""}}}()}catch(e){l.largestContentfulPaint=e.message}try{h.navigationTimings=function(){"use strict";const e=window.performance.timing,t={navigationStart:0,unloadEventStart:e.unloadEventStart>0?e.unloadEventStart-e.navigationStart:void 0,unloadEventEnd:e.unloadEventEnd>0?e.unloadEventEnd-e.navigationStart:void 0,redirectStart:e.redirectStart>0?e.redirectStart-e.navigationStart:void 0,redirectEnd:e.redirectEnd>0?e.redirectEnd-e.navigationStart:void 0,fetchStart:e.fetchStart-e.navigationStart,domainLookupStart:e.domainLookupStart-e.navigationStart,domainLookupEnd:e.domainLookupEnd-e.navigationStart,connectStart:e.connectStart-e.navigationStart,connectEnd:e.connectEnd-e.navigationStart,secureConnectionStart:e.secureConnectionStart?e.secureConnectionStart-e.navigationStart:void 0,requestStart:e.requestStart-e.navigationStart,responseStart:e.responseStart-e.navigationStart,responseEnd:e.responseEnd-e.navigationStart,domLoading:e.domLoading-e.navigationStart,domInteractive:e.domInteractive-e.navigationStart,domContentLoadedEventStart:e.domContentLoadedEventStart-e.navigationStart,domContentLoadedEventEnd:e.domContentLoadedEventEnd-e.navigationStart,domComplete:e.domComplete-e.navigationStart,loadEventStart:e.loadEventStart-e.navigationStart,loadEventEnd:e.loadEventEnd-e.navigationStart};return Object.keys(t).forEach((function(e){void 0===t[e]&&delete t[e]})),t}()}catch(e){l.navigationTimings=e.message}try{h.paintTimings=function(){"use strict";const e=window.performance.getEntriesByType("paint"),t={};if(e.length>0){for(var n=0;n<e.length;n++)t[e[n].name]=Number(e[n].startTime.toFixed(0));return t}}()}catch(e){l.paintTimings=e.message}try{h.userTimings=function(){"use strict";const e=[],t=[];if(window.performance&&window.performance.getEntriesByType){Array.prototype.slice.call(window.performance.getEntriesByType("mark")).forEach((function(e){t.push({name:e.name,startTime:e.startTime})}));Array.prototype.slice.call(window.performance.getEntriesByType("measure")).forEach((function(t){e.push({name:t.name,duration:t.duration,startTime:t.startTime})}))}return{marks:t,measures:e}}()}catch(e){l.userTimings=e.message}return t.timings=h,Object.keys(l).length>0&&(n.timings=l),function(e){var t=0,n=0;Object.keys(e).forEach((function(o){var r=0,i=0,s=e[o].adviceList;s&&Object.keys(s).forEach((function(e){var o=s[e];t+=o.score*o.weight,r+=o.score*o.weight,n+=o.weight,i+=o.weight})),i>0&&(e[o].score=Math.round(r/i))})),e.score=Math.round(t/n)}(t),{advice:t,errors:n,url:document.URL,version:"6.0.0-beta.6"}}(e)}console.error("Missing window or window document")})();
(function(){if("undefined"!=typeof window){"use strict";const e={getAbsoluteURL:function(e){const t=window.document.createElement("a");return t.href=e,t.href},getHostname:function(e){const t=window.document.createElement("a");return t.href=e,t.hostname},exists:function(e,t){return t.some((function(t){return t===e}))},caseInsensitiveAttributeValueFilter:function(e,t){return function(n){if((n.getAttribute(e)||"").toLowerCase()===t.toLowerCase())return n}},isHTTP2:function(){const t=e.getConnectionType().toLowerCase();return"h2"===t||t.startsWith("spdy")},isHTTP3:function(){return e.getConnectionType().toLowerCase().startsWith("h3")},getConnectionType:function(){if(window.performance.getEntriesByType("navigation")&&window.performance.getEntriesByType("navigation")[0]&&window.performance.getEntriesByType("navigation")[0].nextHopProtocol)return window.performance.getEntriesByType("navigation")[0].nextHopProtocol;if(window.performance&&window.performance.getEntriesByType&&window.performance.getEntriesByType("resource")){const t=window.performance.getEntriesByType("resource");if(t.length>1&&t[0].nextHopProtocol){const n=document.domain;for(let o=0,r=t.length;o<r;o++)if(n===e.getHostname(t[o].name))return t[o].nextHopProtocol}}return"unknown"},getSynchJSFiles:function(t){return Array.prototype.slice.call(t.getElementsByTagName("script")).filter((function(e){return!e.async&&e.src&&!e.defer})).map((function(t){return e.getAbsoluteURL(t.src)}))},getAsynchJSFiles:function(t){return Array.prototype.slice.call(t.getElementsByTagName("script")).filter((function(e){return e.async&&e.src})).map((function(t){return e.getAbsoluteURL(t.src)}))},getResourceHintsHrefs:function(e){return Array.prototype.slice.call(window.document.head.getElementsByTagName("link")).filter((function(t){return t.rel===e})).map((function(e){return e.href}))},getCSSFiles:function(t){return Array.prototype.slice.call(t.getElementsByTagName("link")).filter((function(e){return"stylesheet"===e.rel&&!e.href.startsWith("data:")})).map((function(t){return e.getAbsoluteURL(t.href)}))},plural:function(e,t){return e>1&&(t+="s"),`${e} ${t}`},getTransferSize:function(e){const t=window.performance.getEntriesByName(e,"resource");return 1===t.length&&"number"==typeof t[0].transferSize?t[0].transferSize:0}};return function(e){var t={},n={},o={},r={};try{o.charset=function(){"use strict";let e=100,t="";const n=document.characterSet;return null===n?(t="The page is missing a character set. If you use Chrome/Firefox we know you are missing it, if you use another browser, it could be an implementation problem.",e=0):"UTF-8"!==n&&(t="You are not using charset UTF-8?",e=50),{id:"charset",title:"Declare a charset in your document",description:"The Unicode Standard (UTF-8) covers (almost) all the characters, punctuations, and symbols in the world. Please use that.",advice:t,score:e,weight:2,offending:[],tags:["bestpractice"]}}()}catch(e){r.charset=e.message}try{o.doctype=function(){"use strict";let e=100,t="";const n=document.doctype;return null===n?(t="The page is missing a doctype. Please use <!DOCTYPE html>.",e=0):("html"!==n.name.toLowerCase()||""!==n.systemId&&"about:legacy-compat"!==n.systemId.toLowerCase())&&(t="Just do yourself a favor and use the HTML5 doctype declaration: <!DOCTYPE html>",e=25),{id:"doctype",title:"Declare a doctype in your document",description:"The <!DOCTYPE> declaration is not an HTML tag; it is an instruction to the web browser about what version of HTML the page is written in.",advice:t,score:e,weight:2,offending:[],tags:["bestpractice"]}}()}catch(e){r.doctype=e.message}try{o.language=function(){"use strict";const e=document.getElementsByTagName("html"),t=e[0].getAttribute("lang");let n=100,o="";return e.length>0?null===t&&(n=0,o='The page is missing a language definition in the HTML tag. Define it with <html lang="YOUR_LANGUAGE_CODE">'):(n=0,o="What! The page is missing the HTML tag!"),{id:"language",title:"Declare the language code for your document",description:"According to the W3C recommendation you should declare the primary language for each Web page with the lang attribute inside the <html> tag https://www.w3.org/International/questions/qa-html-language-declarations#basics.",advice:o,score:n,weight:3,offending:[],tags:["bestpractice"]}}()}catch(e){r.language=e.message}try{o.layoutShift=function(){"use strict";const e=[];let t="There is no Layout Shift on the page.",n=0;const o=PerformanceObserver.supportedEntryTypes;if(o&&-1!==o.indexOf("layout-shift")){const t=new PerformanceObserver((()=>{}));t.observe({type:"layout-shift",buffered:!0});for(let o of t.takeRecords())if(!o.hadRecentInput){n+=o.value;for(let t of o.sources)t.node&&t.node.currentSrc?e.push(t.node.currentSrc):t.node&&e.push(t.node.nodeName+" "+t.node.className)}}else t="Layout Shift is not supported in this browser";return{id:"layoutShift",title:"Cumulative Layout Shift",description:"Cumulative Layout Shift measures the sum total of all individual layout shift scores for every unexpected layout shift that occurs during the entire lifespan of the page. A layout shift occurs any time a visible element changes its position from one rendered frame to the next.",advice:n>0?"You have elements that shift. You should manually check the filmstrip or video and check if it will affect the user.":t,score:Math.round(Math.max(0,100-100*n)),weight:8,offending:e,tags:["bestpractice"]}}()}catch(e){r.layoutShift=e.message}try{o.metaDescription=function(e){"use strict";let t=100,n="",o=Array.prototype.slice.call(document.querySelectorAll("meta[name][content]"));o=o.filter(e.caseInsensitiveAttributeValueFilter("name","description"));const r=o.length>0?o[0].getAttribute("content"):"";return 0===r.length?(n="The page is missing a meta description.",t=0):r.length>155&&(n="The meta description is too long. It has "+r.length+" characters, the recommended max is 155",t=50),{id:"metaDescription",title:"Meta description",description:"Use a page description to make the page more relevant to search engines.",advice:n,score:t,weight:5,offending:[],tags:["bestpractice"]}}(e)}catch(e){r.metaDescription=e.message}try{o.optimizely=function(e){"use strict";const t=e.getSynchJSFiles(document.head),n=[];let o=100,r="";return t.forEach((function(t){"cdn.optimizely.com"===e.getHostname(t)&&(n.push(t),o=0,r="The page is using Optimizely. Use it with care because it hurts your performance. Only turn it on (= load the JavaScript) when you run your A/B tests. Then when you are finished make sure to turn it off.")})),{id:"optimizely",title:"Only use Optimizely when you need it",description:"Use Optimizely with care because it hurts your performance since JavaScript is loaded synchronously inside of the head tag, making the first paint happen later. Only turn on Optimzely (= load the javascript) when you run your A/B tests.",advice:r,score:o,weight:2,offending:n,tags:["bestpractice"]}}(e)}catch(e){r.optimizely=e.message}try{o.pageTitle=function(){"use strict";const e=document.title;let t=100,n="";return 0===e.length?(n="The page is missing a title.",t=0):e.length>60&&(n="The title is too long by "+(e.length-60)+" characters. The recommended max is 60",t=50),{id:"pageTitle",title:"Page title",description:"Use a title to make the page more relevant to search engines.",advice:n,score:t,weight:5,offending:[],tags:["bestpractice"]}}()}catch(e){r.pageTitle=e.message}try{o.spdy=function(){"use strict";let t=100,n="";return-1!==e.getConnectionType().indexOf("spdy")&&(t=0,n="The page is using SPDY. Chrome dropped support for SPDY in Chrome 51. Change to HTTP/2 asap."),{id:"spdy",title:"EOL for SPDY in Chrome",description:"Chrome dropped supports for SPDY in Chrome 51, upgrade to HTTP/2 as soon as possible. The page has more users (browsers) supporting HTTP/2 than supports SPDY.",advice:n,score:t,weight:1,offending:[],tags:["bestpractice"]}}()}catch(e){r.spdy=e.message}try{o.url=function(){"use strict";const e=document.URL;let t=100,n="";return e.indexOf("?")>-1&&e.indexOf("jsessionid")>e.indexOf("?")&&(t=0,n="The page has the session id for the user as a parameter, please change so the session handling is done only with cookies. "),(e.match(/&/g)||[]).length>1&&(t-=50,n+="The page is using more than two request parameters. You should really rethink and try to minimize the number of parameters. "),e.length>100&&(t-=10,n+="The URL is "+e.length+" characters long. Try to make it less than 100 characters. "),(e.indexOf(" ")>-1||e.indexOf("%20")>-1)&&(t-=10,n+="Could the developer or the CMS be on Windows? Avoid using spaces in the URLs, use hyphens or underscores. "),{id:"url",title:"Have a good URL format",description:"A clean URL is good for the user and for SEO. Make them human readable, avoid too long URLs, spaces in the URL, too many request parameters, and never ever have the session id in your URL.",advice:n,score:t<0?0:t,weight:2,offending:[],tags:["bestpractice"]}}()}catch(e){r.url=e.message}t.bestpractice={adviceList:o},Object.keys(r).length>0&&(n.bestpractice=r);var i={},s={};try{i.amp=function(){"use strict";const e=document.getElementsByTagName("html")[0];return!!(e&&e.getAttribute("amp-version")||window.AMP)&&(e.getAttribute("amp-version")||!0)}()}catch(e){s.amp=e.message}try{i.browser=function(){"use strict";const{userAgent:e}=navigator;return e.includes("Firefox/")?"Firefox "+e.split("Firefox/")[1]:e.includes("Edg/")?"Edge "+e.split("Edg/")[1]:e.includes("Chrome/")?"Chrome "+e.match(/(Chrome)\/(\S+)/)[2]:e.includes("Safari/")?"Safari "+e.match(/(Version)\/(\S+)/)[2]:"Unknown"}()}catch(e){s.browser=e.message}try{i.connectionType=function(e){"use strict";return e.getConnectionType()}(e)}catch(e){s.connectionType=e.message}try{i.documentHeight=function(){"use strict";return Math.max(document.body.scrollHeight,document.body.offsetHeight,document.documentElement.clientHeight,document.documentElement.scrollHeight,document.documentElement.offsetHeight)}()}catch(e){s.documentHeight=e.message}try{i.documentTitle=function(){"use strict";return document.title}()}catch(e){s.documentTitle=e.message}try{i.documentWidth=function(){"use strict";return Math.max(document.body.scrollWidth,document.body.offsetWidth,document.documentElement.clientWidth,document.documentElement.scrollWidth,document.documentElement.offsetWidth)}()}catch(e){s.documentWidth=e.message}try{i.domDepth=function(){"use strict";function e(e){let t=0;if(e.parentNode)for(;e=e.parentNode;)t++;return t}const t=function(t){const n=t.getElementsByTagName("*");let o=n.length,r=0,i=0;for(;o--;){let t=e(n[o]);t>i&&(i=t),r+=t}return{avg:r/n.length,max:i}}(document);return{avg:Math.round(t.avg),max:t.max}}()}catch(e){s.domDepth=e.message}try{i.domElements=function(){"use strict";return document.getElementsByTagName("*").length}()}catch(e){s.domElements=e.message}try{i.generator=function(){"use strict";const e=document.querySelector('meta[name="generator"]');if(e)return e.getAttribute("content")}()}catch(e){s.generator=e.message}try{i.head=function(e){"use strict";return{jssync:e.getSynchJSFiles(document.head),jsasync:e.getAsynchJSFiles(document.head),css:e.getCSSFiles(document.head)}}(e)}catch(e){s.head=e.message}try{i.iframes=function(){"use strict";return document.getElementsByTagName("iframe").length}()}catch(e){s.iframes=e.message}try{i.localStorageSize=function(){"use strict";return function(e){if(e){const t=e.length||Object.keys(e).length;let n=0;for(let o=0;o<t;o++){const t=e.key(o),r=e.getItem(t);n+=t.length+r.length}return n}return 0}(window.localStorage)}()}catch(e){s.localStorageSize=e.message}try{i.metaDescription=function(){"use strict";const e=document.querySelector('meta[name="description"]'),t=document.querySelector('meta[property="og:description"]');return e?e.getAttribute("content"):t?t.getAttribute("content"):""}()}catch(e){s.metaDescription=e.message}try{i.networkConnectionType=function(){"use strict";return window.navigator.connection?window.navigator.connection.effectiveType:"unknown"}()}catch(e){s.networkConnectionType=e.message}try{i.resourceHints=function(e){"use strict";return{"dns-prefetch":e.getResourceHintsHrefs("dns-prefetch"),preconnect:e.getResourceHintsHrefs("preconnect"),prefetch:e.getResourceHintsHrefs("prefetch"),prerender:e.getResourceHintsHrefs("prerender")}}(e)}catch(e){s.resourceHints=e.message}try{i.responsive=function(){"use strict";let e=!0;const t=document.body.scrollWidth,n=window.innerWidth,o=document.body.children;for(var r in t>n&&(e=!1),o)o[r].scrollWidth>n&&(e=!1);return e}()}catch(e){s.responsive=e.message}try{i.scripts=function(){"use strict";return document.getElementsByTagName("script").length}()}catch(e){s.scripts=e.message}try{i.serializedDomSize=function(){"use strict";return document.body.innerHTML.length}()}catch(e){s.serializedDomSize=e.message}try{i.serviceWorker=function(){"use strict";return"serviceWorker"in navigator&&(!!navigator.serviceWorker.controller&&("activated"===navigator.serviceWorker.controller.state&&navigator.serviceWorker.controller.scriptURL))}()}catch(e){s.serviceWorker=e.message}try{i.sessionStorageSize=function(){"use strict";return function(e){const t=e.length||Object.keys(e).length;let n=0;for(let o=0;o<t;o++){const t=e.key(o),r=e.getItem(t);n+=t.length+r.length}return n}(window.sessionStorage)}()}catch(e){s.sessionStorageSize=e.message}try{i.userTiming=function(){"use strict";let e=0,t=0;return window.performance&&window.performance.getEntriesByType&&(t=window.performance.getEntriesByType("measure").length,e=window.performance.getEntriesByType("mark").length),{marks:e,measures:t}}()}catch(e){s.userTiming=e.message}try{i.windowSize=function(){"use strict";return(window.innerWidth||document.documentElement.clientWidth||document.body.clientWidth)+"x"+(window.innerHeight||document.documentElement.clientHeight||document.body.clientHeight)}()}catch(e){s.windowSize=e.message}t.info=i,Object.keys(s).length>0&&(n.info=s);var a={},c={};try{a.avoidScalingImages=function(e){"use strict";const t=[],n=Array.prototype.slice.call(document.getElementsByTagName("img"));let o=0,r="";for(let r=0,i=n.length;r<i;r++){const i=n[r];i.clientWidth+100<i.naturalWidth&&i.clientWidth>0&&(t.push(e.getAbsoluteURL(i.currentSrc)),o+=10)}return o>0&&(r=`The page has ${e.plural(o/10,"image")} that are scaled more than 100 pixels. It would be better if those images are sent so the browser don't need to scale them.`),{id:"avoidScalingImages",title:"Don't scale images in the browser",description:"It's easy to scale images in the browser and make sure they look good in different devices, however that is bad for performance! Scaling images in the browser takes extra CPU time and will hurt performance on mobile. And the user will download extra kilobytes (sometimes megabytes) of data that could be avoided. Don't do that, make sure you create multiple version of the same image server-side and serve the appropriate one.",advice:r,score:Math.max(0,100-o),weight:5,offending:t,tags:["performance","image"]}}(e)}catch(e){c.avoidScalingImages=e.message}try{a.cssPrint=function(e){"use strict";const t=[],n=document.getElementsByTagName("link");for(let o=0,r=n.length;o<r;o++)"print"===n[o].media&&t.push(e.getAbsoluteURL(n[o].href));const o=10*t.length;return{id:"cssPrint",title:"Do not load specific print stylesheets.",description:"Loading a specific stylesheet for printing slows down the page, even though it is not used. You can include the print styles inside your other CSS file(s) just by using an @media query targeting type print.",advice:t.length>0?`The page has ${e.plural(t.length,"print stylesheet")}. You should include that stylesheet using @media type print instead.`:"",score:Math.max(0,100-o),weight:1,offending:t,tags:["performance","css"]}}(e)}catch(e){c.cssPrint=e.message}try{a.fastRender=function(e){"use strict";const t=[],n=e.getCSSFiles(document.head),o=e.getSynchJSFiles(document.head),r=document.domain,i=[],s=e.getResourceHintsHrefs("preconnect").map((function(t){return e.getHostname(t)}));let a=0,c=0,u="",d=0;function h(n){const o=e.getHostname(n);o!==r?(t.push(n),e.exists(o,i)||(d+=e.exists(o,s)?5:10,i.push(o)),d+=5):(t.push(n),d+=5)}return e.isHTTP2()?(n.length>0&&(u="",n.forEach((function(n){e.getTransferSize(n)>14500&&(t.push(n),d+=5,a++,u+="The style "+n+" is larger than the magic number TCP window size 14.5 kB. Make the file smaller and the page will render faster. ")}))),o.length>0&&(d+=10*o.length,o.forEach((function(e){t.push(e),c++})),u+="Avoid loading synchronously JavaScript inside of head, you shouldn't need JavaScript to render your page! ")):e.isHTTP3()||(n.forEach((function(e){h(e)})),a=n.length,o.forEach((function(e){h(e)})),c=o.length),t.length>0&&(u+=`The page has ${e.plural(a,"render blocking CSS request")} and ${e.plural(c,"blocking JavaScript request")} inside of head.`),{id:"fastRender",title:"Avoid slowing down the critical rendering path",description:"The critical rendering path is what the browser needs to do to start rendering the page. Every file requested inside of the head element will postpone the rendering of the page, because the browser need to do the request. Avoid loading JavaScript synchronously inside of the head (you should not need JavaScript to render the page), request files from the same domain as the main document (to avoid DNS lookups) and inline CSS or use server push for really fast rendering and a short rendering path.",advice:u,score:Math.max(0,100-d),weight:10,offending:t,tags:["performance"]}}(e)}catch(e){c.fastRender=e.message}try{a.googletagmanager=function(){"use strict";var e=100;return window.google_tag_manager&&(e=0),{id:"googletagmanager",title:"Avoid using Google Tag Manager",description:"Google Tag Manager makes it possible for non tech users to add scripts to your page that will downgrade performance.",advice:0===e?"The page is using Google Tag Manager, this is a performance risk since non-tech users can add JavaScript to your page.":"",score:e,weight:5,offending:[],tags:["performance","js"]}}()}catch(e){c.googletagmanager=e.message}try{a.inlineCss=function(e){"use strict";const t=[],n=e.getCSSFiles(document.head),o=Array.prototype.slice.call(window.document.head.getElementsByTagName("style"));let r="",i=0;return e.isHTTP2()&&n.length>0&&o.length>0?(i+=5,r="The page has both inline CSS and CSS requests even though it uses a HTTP/2-ish connection. If you have many users on slow connections, it can be better to only inline the CSS. Run your own tests and check the waterfall graph to see what happens."):e.isHTTP2()&&o.length>0&&0===n.length?r+="The page has inline CSS and uses HTTP/2. Do you have a lot of users with slow connections on the site? It is good to inline CSS when using HTTP/2.":e.isHTTP2()&&n.length>0&&(r+="It is always faster for the user if you inline CSS instead of making a CSS request."),e.isHTTP3()?r="The page uses HTTP3. HTTP3 is (super) new and it is hard to say if inlined is good or not. The coach will improve the advice when there is a new best practice.":e.isHTTP2()||(n.length>0&&0===o.length&&(i+=10*n.length,r="The page loads "+e.plural(n.length,"CSS request")+" inside of head, try to inline the CSS for the first render and lazy load the rest.",t.push.apply(t,n)),o.length>0&&n.length>0&&(i+=10,r+="The page has both inline styles as well as it is requesting "+e.plural(n.length,"CSS file")+" inside of the head. Let's only inline CSS for really fast render.",t.push.apply(t,n))),{id:"inlineCss",title:"Inline CSS for faster first render",description:"In the early days of the Internet, inlining CSS was one of the ugliest things you can do. That has changed if you want your page to start rendering fast for your user. Always inline the critical CSS when you use HTTP/1 and HTTP/2 (avoid doing CSS requests that block rendering) and lazy load and cache the rest of the CSS. It is a little more complicated when using HTTP/2. Does your server support HTTP push? Then maybe that can help. Do you have a lot of users on a slow connection and are serving large chunks of HTML? Then it could be better to use the inline technique, becasue some servers always prioritize HTML content over CSS so the user needs to download the HTML first, before the CSS is downloaded.",advice:r,score:Math.max(0,100-i),weight:7,offending:t,tags:["performance","css"]}}(e)}catch(e){c.inlineCss=e.message}try{a.jquery=function(e){"use strict";const t=[];if("function"==typeof window.jQuery){let e=window.$;t.push(window.jQuery.fn.jquery);let n=window.jQuery;for(;n.fn&&n.fn.jquery&&(n=window.jQuery.noConflict(!0),window.jQuery&&window.jQuery.fn)&&n.fn.jquery!==window.jQuery.fn.jquery;)t.push(window.jQuery.fn.jquery);window.$=e}return{id:"jquery",title:"Avoid using more than one jQuery version per page",description:"There are sites out there that use multiple versions of jQuery on the same page. You shouldn't do that because the user will then unnecessarily download extra data. Cleanup the code and make sure you only use one version.",advice:t.length>1?"The page uses "+e.plural(t.length,"version")+" of jQuery! You only need one version, please remove the unnecessary version(s).":"",score:t.length>1?0:100,weight:4,offending:t,tags:["jQuery","performance"]}}(e)}catch(e){c.jquery=e.message}try{a.longTasks=function(e){"use strict";const t=[];let n=0,o=0,r="The page do not have any CPU Long Tasks.";const i=PerformanceObserver.supportedEntryTypes;if(i&&-1!==i.indexOf("longtask")){const e=new PerformanceObserver((()=>{}));e.observe({type:"longtask",buffered:!0});for(let r of e.takeRecords())n+=20,o+=r.duration,t.push(r.name)}else r="The Long Task API is not supported in this browser.";return{id:"longTasks",title:"Avoid CPU Long Tasks",description:'Long CPU tasks locks the thread. To the user this is commonly visible as a "locked up" page where the browser is unable to respond to user input; this is a major source of bad user experience on the web today. However the CPU Long Task is depending on the computer/phones actual CPU speed, so you should measure this on the same type of the device that your user is using.',advice:t.length>0?"The page has "+e.plural(t.length,"CPU long task")+" with the total of "+o.toFixed(0)+" ms. However the CPU Long Task is depending on the computer/phones actual CPU speed, so you should measure this on the same type of the device that your user is using. Use Geckoprofiler for Firefox or Chromes tracelog to debug your Long Task.":r,score:Math.max(0,100-n),weight:8,offending:t,tags:["performance","js"]}}(e)}catch(e){c.longTasks=e.message}try{a.spof=function(e){"use strict";const t=[],n=[],o=document.domain,r=e.getCSSFiles(document.head);let i=0;r.forEach((function(r){const s=e.getHostname(r);s!==o&&(t.push(r),-1===n.indexOf(s)&&(n.push(s),i+=10))}));return e.getSynchJSFiles(document.head).forEach((function(r){const s=e.getHostname(r);s!==o&&(t.push(r),-1===n.indexOf(s)&&(n.push(s),i+=10))})),{id:"spof",title:"Avoid Frontend single point of failures",description:"A page can be stopped from loading in the browser if a single JavaScript, CSS, and in some cases a font, couldn't be fetched or is loading really slowly (the white screen of death). That is a scenario you really want to avoid. Never load 3rd-party components synchronously inside of the head tag.",advice:t.length>0?"The page has "+e.plural(t.length,"request")+" inside of the head that can cause a SPOF (single point of failure). Load them asynchronously or move them outside of the document head.":"",score:Math.max(0,100-i),weight:7,offending:t,tags:["performance","css","js"]}}(e)}catch(e){c.spof=e.message}try{a.thirdPartyAsyncJs=function(e){"use strict";const t=["ajax.googleapis.com","apis.google.com",".google-analytics.com","connect.facebook.net","platform.twitter.com","code.jquery.com","platform.linkedin.com",".disqus.com","assets.pinterest.com","widgets.digg.com",".addthis.com","code.jquery.com","ad.doubleclick.net",".lognormal.com","embed.spotify.com"];function n(n){const o=e.getHostname(n);let r;for(let e=0,n=t.length;e<n;e++)if(r=new RegExp(t[e]),r.test(o))return!0;return!1}let o=0;const r=[],i=e.getSynchJSFiles(document);for(let e=0,t=i.length;e<t;e++)n(i[e])&&(r.push(i[e]),o+=10);return{id:"thirdPartyAsyncJs",title:"Always load third-party JavaScript asynchronously",description:"Use JavaScript snippets that load the JS files asynchronously in order to speed up the user experience and avoid blocking the initial load.",advice:r.length>0?"The page has "+e.plural(r.length,"synchronous 3rd-party JavaScript request")+". Change it to be asynchronous instead.":"",score:Math.max(0,100-o),weight:5,offending:r,tags:["performance","js"]}}(e)}catch(e){c.thirdPartyAsyncJs=e.message}t.performance={adviceList:a},Object.keys(c).length>0&&(n.performance=c);var u={},d={};try{u.ampPrivacy=function(){"use strict";const e=document.getElementsByTagName("html")[0];let t=100;return(e&&e.getAttribute("amp-version")||window.AMP)&&(t=0),{id:"ampPrivacy",title:"Avoid including AMP",description:"You share share private user information with Google that your user hasn't agreed on sharing.",advice:0===t?"The page is using AMP, that makes you share private user information with Google.":"",score:t,weight:8,offending:[],tags:["privacy"]}}()}catch(e){d.ampPrivacy=e.message}try{u.facebook=function(){"use strict";let e=100;return window.FB&&(e=0),{id:"facebook",title:"Avoid including Facebook",description:"You share share private user information with Facebook that your user hasn't agreed on sharing.",advice:0===e?"The page gets content from Facebook. That means you share your users private information with Facebook.":"",score:e,weight:8,offending:[],tags:["privacy"]}}()}catch(e){d.facebook=e.message}try{u.fingerprint=function(){"use strict";let e=100;return(window.FingerprintJS||window.Fingerprint2)&&(e=0),{id:"fingerprint",title:"Do not fingerprint your user.",description:'Fingerprinting consists of collecting different kinds of information about the user with the goal of building a unique "fingerprint" for them. Different types of fingerprinting are used on the web by trackers. Browser fingerprinting use characteristics specific to the browser of the user, relying on the fact that the chance of another user having the exact same browser set-up is fairly small if there are a large enough number of variables to track',advice:0===e?"The page uses https://fingerprintjs.com to fingerprint the user.":"",score:e,weight:8,offending:[],tags:["privacy"]}}()}catch(e){d.fingerprint=e.message}try{u.ga=function(){"use strict";let e=100;return window.ga&&window.ga.create&&(e=0),{id:"ga",title:"Avoid using Google Analytics",description:"Google Analytics share private user information with Google that your user hasn't agreed on sharing.",advice:0===e?"The page is using Google Analytics meaning you share your users private information with Google. You should use analytics that care about user privacy, something like https://matomo.org.":"",score:e,weight:8,offending:[],tags:["privacy"]}}()}catch(e){d.ga=e.message}try{u.https=function(){"use strict";let e=100,t="";return-1===document.URL.indexOf("https://")&&(e=0,t="What!! The page is not using HTTPS. Every unencrypted HTTP request reveals information about user’s behavior, read more about it at https://https.cio.gov/everything/. You can get a totally free SSL/TLS certificate from https://letsencrypt.org/."),{id:"https",title:"Serve your content securely",description:"A page should always use HTTPS (https://https.cio.gov/everything/). You also need that for HTTP/2. You can get your free SSL/TLC certificate from https://letsencrypt.org/.",advice:t,score:e,weight:10,offending:[],tags:["privacy"]}}()}catch(e){d.https=e.message}try{u.surveillance=function(){"use strict";const e=document.domain,t=[],n=[".google.","facebook.com","youtube.","yahoo.com"];let o=100;for(var r=0;r<n.length;r++)e.indexOf(n[r])>-1&&(o=0,t.push(e));return{id:"surveillance",title:"Avoid using surveillance web sites",description:"Do not use web sites that harvest private user information and sell it to other companies. See https://en.wikipedia.org/wiki/Surveillance_capitalism",advice:0===o?e+" harvest user information and sell it to other companies without the users agreement. That is not OK.":"",score:o,weight:10,offending:t,tags:["privacy"]}}()}catch(e){d.surveillance=e.message}try{u.youtube=function(){"use strict";let e=100;return window.YT&&(e=0),{id:"youtube",title:"Avoid including Youtube videos",description:"If you include Youtube videos on your page, you are sharing private user information with Google.",advice:0===e?"The page is including code from Youtube. You share user private information with Google. Instead you can host a video screenshot and let the user choose to go to Youtube or not, by clicking on the screenshot. You can look at http://labnol.org/?p=27941 and make sure you host your screenshot yourself. Or choose another video service.":"",score:e,weight:6,offending:[],tags:["privacy"]}}()}catch(e){d.youtube=e.message}t.privacy={adviceList:u},Object.keys(d).length>0&&(n.privacy=d);var h={},l={};try{h.elementTimings=function(){"use strict";const e=PerformanceObserver.supportedEntryTypes;if(!e||-1===e.indexOf("element"))return;const t=new PerformanceObserver((()=>{}));t.observe({type:"element",buffered:!0});const n=t.takeRecords(),o={};for(let e of n)o[e.identifier]={duration:e.duration,url:e.url,loadTime:Number(e.loadTime.toFixed(0)),renderTime:Number(e.renderTime.toFixed(0)),startTime:Number(e.startTime.toFixed(0)),naturalHeight:e.naturalHeight,naturalWidth:e.naturalWidth,tagName:e.element?e.element.tagName:""};return o}()}catch(e){l.elementTimings=e.message}try{h.fullyLoaded=function(){"use strict";if(window.performance&&window.performance.getEntriesByType){const e=window.performance.getEntriesByType("resource");let t=0;for(let n=1,o=e.length;n<o;n++)e[n].responseEnd>t&&(t=e[n].responseEnd);return t}return-1}()}catch(e){l.fullyLoaded=e.message}try{h.largestContentfulPaint=function(){"use strict";const e=PerformanceObserver.supportedEntryTypes;if(!e||-1===e.indexOf("largest-contentful-paint"))return;const t=new PerformanceObserver((()=>{}));t.observe({type:"largest-contentful-paint",buffered:!0});const n=t.takeRecords();if(n.length>0){const e=n[n.length-1];return{duration:e.duration,id:e.id,url:e.url,loadTime:Number(e.loadTime.toFixed(0)),renderTime:Number(Math.max(e.renderTime,e.loadTime).toFixed(0)),size:e.size,startTime:Number(e.startTime.toFixed(0)),tagName:e.element?e.element.tagName:""}}}()}catch(e){l.largestContentfulPaint=e.message}try{h.navigationTimings=function(){"use strict";const e=window.performance.timing,t={navigationStart:0,unloadEventStart:e.unloadEventStart>0?e.unloadEventStart-e.navigationStart:void 0,unloadEventEnd:e.unloadEventEnd>0?e.unloadEventEnd-e.navigationStart:void 0,redirectStart:e.redirectStart>0?e.redirectStart-e.navigationStart:void 0,redirectEnd:e.redirectEnd>0?e.redirectEnd-e.navigationStart:void 0,fetchStart:e.fetchStart-e.navigationStart,domainLookupStart:e.domainLookupStart-e.navigationStart,domainLookupEnd:e.domainLookupEnd-e.navigationStart,connectStart:e.connectStart-e.navigationStart,connectEnd:e.connectEnd-e.navigationStart,secureConnectionStart:e.secureConnectionStart?e.secureConnectionStart-e.navigationStart:void 0,requestStart:e.requestStart-e.navigationStart,responseStart:e.responseStart-e.navigationStart,responseEnd:e.responseEnd-e.navigationStart,domLoading:e.domLoading-e.navigationStart,domInteractive:e.domInteractive-e.navigationStart,domContentLoadedEventStart:e.domContentLoadedEventStart-e.navigationStart,domContentLoadedEventEnd:e.domContentLoadedEventEnd-e.navigationStart,domComplete:e.domComplete-e.navigationStart,loadEventStart:e.loadEventStart-e.navigationStart,loadEventEnd:e.loadEventEnd-e.navigationStart};return Object.keys(t).forEach((function(e){void 0===t[e]&&delete t[e]})),t}()}catch(e){l.navigationTimings=e.message}try{h.paintTimings=function(){"use strict";const e=window.performance.getEntriesByType("paint"),t={};if(e.length>0){for(var n=0;n<e.length;n++)t[e[n].name]=Number(e[n].startTime.toFixed(0));return t}}()}catch(e){l.paintTimings=e.message}try{h.userTimings=function(){"use strict";const e=[],t=[];if(window.performance&&window.performance.getEntriesByType){Array.prototype.slice.call(window.performance.getEntriesByType("mark")).forEach((function(e){t.push({name:e.name,startTime:e.startTime})}));Array.prototype.slice.call(window.performance.getEntriesByType("measure")).forEach((function(t){e.push({name:t.name,duration:t.duration,startTime:t.startTime})}))}return{marks:t,measures:e}}()}catch(e){l.userTimings=e.message}return t.timings=h,Object.keys(l).length>0&&(n.timings=l),function(e){var t=0,n=0;Object.keys(e).forEach((function(o){var r=0,i=0,s=e[o].adviceList;s&&Object.keys(s).forEach((function(e){var o=s[e];t+=o.score*o.weight,r+=o.score*o.weight,n+=o.weight,i+=o.weight})),i>0&&(e[o].score=Math.round(r/i))})),e.score=Math.round(t/n)}(t),{advice:t,errors:n,url:document.URL,version:"6.0.0-beta.7"}}(e)}console.error("Missing window or window document")})();

2

lib/har/privacy/thirdPartyCookies.js

@@ -24,3 +24,3 @@ 'use strict';

'third party cookie'
)} .`;
)}.`;
}

@@ -27,0 +27,0 @@

4

package.json
{
"name": "coach-core",
"version": "6.0.0-beta.6",
"version": "6.0.0-beta.7",
"description": "Core package for the Coach.",

@@ -87,5 +87,5 @@ "keywords": [

"pagexray": "4.0.0",
"third-party-web": "0.12.2",
"third-party-web": "0.12.3",
"wappalyzer-core": "6.4.17"
}
}
dist/doc/dom_util.js.html

Sorry, the diff of this file is not supported yet

dist/doc/har_util.js.html

Sorry, the diff of this file is not supported yet

dist/doc/index.html

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc