Graduated in Digital Media M.Sc. now developing the next generation of educational software. Since a while I develop full stack in Javascript using Meteor. Love fitness and Muay Thai after work.
An HTTP request is ~600 ms in my experience. I would need at least two more requests to remove inline JS and CSS, which would add ~1.2s of load time. Youthful people care about speed, which is my target audience. I suppose that's my answer, thanks.
Graduated in Digital Media M.Sc. now developing the next generation of educational software. Since a while I develop full stack in Javascript using Meteor. Love fitness and Muay Thai after work.
Have you measured this or is this an estimation? Which bandwidth did you use? Young people usually also care about a provider with good bandwidth. I would always favour security before performance. If you can prevent xss with.other mechanisms then it's fine. By the way this a typical use case for a beta test with a-b setup to see if CSP will really have an impact on user experience.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
How big is the speed disadvantage when CSP is active? Will it matter to your target audience?
An HTTP request is ~600 ms in my experience. I would need at least two more requests to remove inline JS and CSS, which would add ~1.2s of load time. Youthful people care about speed, which is my target audience. I suppose that's my answer, thanks.
Have you measured this or is this an estimation? Which bandwidth did you use? Young people usually also care about a provider with good bandwidth. I would always favour security before performance. If you can prevent xss with.other mechanisms then it's fine. By the way this a typical use case for a beta test with a-b setup to see if CSP will really have an impact on user experience.