Firefox for Android “forgets” to send SameSite=Strict cookies to websites, causing them to log you out and forgot you ever visited them in the past.
Chrome intends to remove support for server push; an underutilized performance feature introduced in HTTP/2. It cites low usage and implementation complexity.
A new HTTP header enables websites to redirect their visitors using the Tor Browser to their more secure Onion site.
The majority of websites don’t compress their favicon files despite an impressive average file size reduction of over 70 %.
Apache’s module for server-driven HTTP content negotiation isn’t suited to make decisions about which pre-compressed resource to serve.
Any HTTP Content-Security-Policy blocks the default <audio>/<video> controls in Safari unless you deliberately make it less secure.
Don’t use Nginx’s merge_slashes option in your HTTP reverse caching proxy setup. Here’s an example of an unintended problem caused by blindly rewriting URLs.
I discuss five implementation problems and gotchas with Apache’s HTTP caching module.
HTTP 301 is supposed to be permanent. Clients are expected to update links and not request the old one anymore.
Bots and older clients sometimes request /page#fragment over HTTP without stripping away the URL
Review which content delivery networks support RFC 5861’s Stale-While-Revalidate and Stale-If-Error caching directives.
Verify that your CDN or caching proxy supports RFC 5861 asynchronous cache revalidation.
Learn how to set up HTTP Save-Data request-hint aware HTTP/2 server push.
Set up faster HTTP redirects by using HTTP/2 server push to send the new location in the same response informing the client about the redirect.
An intermediary HTTP proxy-cache can interfere with how different devices detect whether they’ve got working internet access or not.
Many bug tracking software leak information about your organization’s security problems through HTTP referrer headers.
The new HTTP Save-Data request header can help websites determine the bandwidth constraints of their visitors.
Is Ookla Speed Test or Microsoft Network Speed Test the best for speed testing app for your Windows 10 device?
How to forward the front-end proxy server’s hostname to your origin server with Apache mod_proxy.
Create a URL transition-plan and create redirects for old URLs. Take a few minutes to avoid losing traffic when you move domain names or reorganize your URLs.
Experimental browser extension from Mozilla and the Internet Archive helps you find archived copies of dead links as you browse with Firefox.
EdgeDeflector stops Windows 10 from forces-opening links in Microsoft Edge, and makes Windows respect the system-wide default web browser setting instead.
Five best practices to reduce bandwidth requirements for feeds (Atom/RSS). Tips for reader and publisher implementations.
Feed delta updates strip away feed entries that the subscriber has already download and only transmits the update delta consisting of new entries.
Learn about the HTTP Vary response header and its important role in HTTP content negotiation and caching.
The Recommended articles sections below articles are a mess. Incredibly simple steps could improve the recommendations.
How to enable the new Brotli compression module alongside Gzip in the Apache HTTPD server.
You can deter image hotlinking and reduce the associated bandwidth costs by reducing the image quality instead of outright blocking it.
Take control over your WordPress site’s HTTP Cache-Control header directives with easy-to-use WordPress plugin.
Apple News app to stop pretending like it’s Safari browser; making it easier to measure success in web analytics.
A bug in the Apple News crawler caused it to get stuck in a loop sending 100+ requests/second to websites with HTTPS certificates issued by Let’s Encrypt.
An Apache bug caused HTTP/2 websites to drop out of the search index at the Russian Yandex search engine.
Protect your WordPress installation against bots probing for known WordPress core and plugin security vulnerabilities.
Protect yourself against repeated users and bots who don’t get the hint the first couple of times your web server responds with HTTP 403 Forbidden.
The tale of how I fought back against website content scrapers to protect my copyright.
I developed an Android app to detect and troubleshoot HTTP proxy configuration issues.
The EFF’s Privacy Badger extension auto-detects and blocks websites that track you across websites. It also breaks more websites the more you use it.
Debian will try to redirect you to the nearest mirror service. However, this can be detrimental to cache-hit ratios when running a local HTTP caching service.
Set up redirects for from URLs with too many forward-slashes in the URL path to a URL normalized addresses.
Reading modes are non-standard and browser vendors can’t even agree on what URI schema to use for it.
The new Preloading feature in Internet Explorer 11 is designed to speed up your web browsing. It also transmits a lot of information to Microsoft.