Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Critical extracts & inlines critical-path (above-the-fold) CSS from HTML
$ npm install --save critical
Include:
var critical = require('critical');
critical.generateInline({
// Your base directory
base: 'dist/',
// HTML source
html: '<html>...</html>',
// HTML source file
src: 'index.html',
// Your CSS Files (optional)
css: ['dist/styles/main.css'],
// Viewport width
width: 320,
// Viewport height
height: 480,
// Target for final HTML output
htmlTarget: 'index-critical.html',
// Target for generated critical-path CSS (which we inline)
styleTarget: 'styles/main.css',
// Minify critical-path CSS when inlining
minify: true,
// Extract inlined styles from referenced stylesheets
extract: true
});
Basic usage:
critical.generate({
base: 'test/',
src: 'index.html',
dest: 'styles/main.css',
width: 320,
height: 480
});
Generate and minify critical-path CSS:
critical.generate({
base: 'test/',
src: 'index.html',
dest: 'styles/styles.min.css',
minify: true,
width: 320,
height: 480
});
Generate and return output via a callback:
critical.generate({
base: 'test/',
src: 'index.html',
width: 320,
height: 480
}, function (err, output) {
// You now have critical-path CSS
// Works with and without dest specified
});
<style>
/ critical CSS from generationBasic usage:
critical.inline({
base: 'test/',
src: 'index-critical.html',
dest: 'inlined.html'
});
Minify and inline stylesheets:
critical.inline({
base: 'test/',
src: 'index-critical.html',
dest: 'inlined-minified.html',
minify: true
});
Inline and return output via a callback:
critical.inline({
base: 'test/',
src: 'index-critical.html'
}, function (err, output){
// You now have HTML with inlined critical-path CSS
// Works with and without dest specified
});
Name | Type | Description |
---|---|---|
base | string | Base directory in which the source and destination are to be written |
html | string | HTML source to be operated against. This option takes precedence over the src option |
src | string | Location of the HTML source to be operated against |
dest | string | Location of where to save the output of an operation |
width | integer | (Generation only) Width of the target viewport |
height | integer | (Generation only) Height of the target viewport |
minify | boolean | Enable minification of CSS output |
extract | boolean | Remove the inlined styles from any stylesheets referenced in the HTML. It generates new references based on extracted content so it's safe to use for multiple HTML files referencing the same stylesheet |
styleTarget | string | (generateInline only) Destination for critical-path styles |
htmlTarget | string | (generateInline only) Destination for (critical-path CSS) style-inlined HTML |
inlineImages | boolean | Inline images (default: false) |
maxImageFileSize | integer | Sets a max file size (in bytes) for base64 inlined images |
critical works well with standard input.
cat test/fixture/index.html | critical --base test/fixture > critical.css
You can also pass in the critical CSS file as an option.
critical test/fixture/index.html --base test/fixture > critical.css
CSS is required to construct the render tree for your pages and JavaScript will often block on CSS during initial construction of the page. You should ensure that any non-essential CSS is marked as non-critical (e.g. print and other media queries), and that the amount of critical CSS and the time to deliver it is as small as possible.
For best performance, you may want to consider inlining the critical CSS directly into the HTML document. This eliminates additional roundtrips in the critical path and if done correctly can be used to deliver a “one roundtrip” critical path length where only the HTML is a blocking resource.
Why, yes!. Take a look at this Gulp project which demonstrates using Critical to generate and inline critical-path CSS. It also includes a mini-tutorial that walks through how to use it in a simple webapp.
The main differences between Critical and Penthouse, a module we use, are:
That said, if your site or app has a large number of styles or styles which are being dynamically injected into the DOM (sometimes common in Angular apps) I recommend using Penthouse directly. It will require you to supply styles upfront, but this may provide a higher level of accuracy if you find Critical isn't serving your needs.
FilamentGroup maintain a criticalCSS node module, which similar to Penthouse will find and output the critical-path CSS for your pages.
Many of the current tools around critical-path CSS are in an experimental stage and are constantly striving to improve. The same could be said of Critical. It hasn't been extensively tested on a ton of sites and it's very possible something may well break. That said, we welcome you to try it out on your project and report bugs if you find them.
Of course. We appreciate all of our contributors and welcome contributions to improve the project further. If you're uncertain whether an addition should be made, feel free to open up an issue and we can discuss it.
FAQs
Extract & Inline Critical-path CSS from HTML
The npm package critical receives a total of 19,171 weekly downloads. As such, critical popularity was classified as popular.
We found that critical demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.