UNPKG

coach-core

Version:

Core package for the Coach.

www.sitespeed.io/documentation/coach/

sitespeedio/coach-core

99 lines (91 loc) 2.88 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
import * as util from '../util.js'; export default { id: 'unnecessaryHeaders', title: 'Avoid unnecessary headers', description: "Do not send headers that you don't need. We look for p3p, cache-control and max-age, pragma, server and x-frame-options headers. Have a look at Andrew Betts - Headers for Hackers talk as a guide https://www.youtube.com/watch?v=k92ZbrY815c or read https://www.fastly.com/blog/headers-we-dont-want.", weight: 1, severity: 'info', tags: ['bestpractice', 'header'], processPage: function (page) { const offending = []; const p3pHeaders = []; const cacheHeaders = []; const pragmaHeaders = []; const xframeHeaders = []; const serverHeaders = []; let score = 100; let advice = ''; for (const asset of page.assets) { const headers = asset.headers.response; if (headers.p3p) { offending.push(asset.url); p3pHeaders.push(asset.url); score -= 1; } if ( headers.expires && headers['cache-control'] && headers['cache-control'][0].includes('max-age') ) { // You don't need to set both expires and cache-control: max-age. Use just one! offending.push(asset.url); cacheHeaders.push(asset.url); score -= 1; } if (headers.pragma && headers.pragma[0].includes('no-cache')) { offending.push(asset.url); pragmaHeaders.push(asset.url); score -= 1; } if (headers.server) { offending.push(asset.url); serverHeaders.push(asset.url); score -= 1; } if ( headers['x-frame-options'] && headers['x-frame-options'][0] === 'sameorigin' ) { offending.push(asset.url); xframeHeaders.push(asset.url); score -= 1; } } if (p3pHeaders.length > 0) { advice += 'There are ' + util.plural(p3pHeaders.length, 'response') + ' that sets a p3p header. '; } if (cacheHeaders.length > 0) { advice += 'There are ' + util.plural(cacheHeaders.length, 'response') + ' that sets both a max-age and expires header. '; } if (pragmaHeaders.length > 0) { advice += 'There are ' + util.plural(pragmaHeaders.length, 'response') + ' that sets a pragma no-cache header (that is a request header). '; } if (xframeHeaders.length > 0) { advice += 'There are ' + util.plural(xframeHeaders.length, 'response') + ' that sets a x-frame-options:sameorigin header. '; } if (serverHeaders.length > 0) { advice += 'There are ' + util.plural(serverHeaders.length, 'response') + ' that sets a server header. '; } return { score: Math.max(0, score), offending: offending, advice: advice }; } };