search

owncloud / core

:cloud: ownCloud web server core (Files, DAV, etc.)
https://owncloud.com
GNU Affero General Public License v3.0
8.38k stars 2.06k forks source link

Reduce static asset load on layout.guest for login/authorize forms #30385

Closed SamuAlfageme closed 3 years ago

SamuAlfageme commented 6 years ago

Just realized how slow the authorization webview for OAuth2 loads under mobile networks / slow connections. Profiling a bit with chrome; I found out there is ~500KB worth of JS and CSS assets loaded:

https://github.com/owncloud/core/blob/55fb4c27eaf05e33b29b9acae1391db51664af7b/core/templates/layout.guest.php#L16-L24

<link rel="stylesheet" href="/core/css/styles.css?v=...">
<link rel="stylesheet" href="/core/css/inputs.css?v=...">
<link rel="stylesheet" href="/core/css/header.css?v=...">
<link rel="stylesheet" href="/core/css/icons.css?v=...">
<link rel="stylesheet" href="/core/css/fonts.css?v=...">
<link rel="stylesheet" href="/core/css/apps.css?v=...">
<link rel="stylesheet" href="/core/css/global.css?v=...">
<link rel="stylesheet" href="/core/css/fixes.css?v=...">
<link rel="stylesheet" href="/core/css/multiselect.css?v=...">
<link rel="stylesheet" href="/core/css/mobile.css?v=...">
<link rel="stylesheet" href="/core/vendor/jquery-ui/themes/base/jquery-ui.css?v=...">
<link rel="stylesheet" href="/core/css/jquery-ui-fixes.css?v=...">
<link rel="stylesheet" href="/core/css/tooltip.css?v=...">
<link rel="stylesheet" href="/core/css/share.css?v=...">
<link rel="stylesheet" href="/apps/files_versions/css/versions.css?v=...">
<link rel="stylesheet" href="/apps/files_videoplayer/css/style.css?v=...">
<link rel="stylesheet" href="/apps/firstrunwizard/css/colorbox.css?v=...">
<link rel="stylesheet" href="/apps/firstrunwizard/css/firstrunwizard.css?v=...">
<link rel="stylesheet" href="/core/css/jquery.ocdialog.css?v=...">
<script src="/core/js/oc.js?v=..."></script>
<script src="/core/vendor/jquery/dist/jquery.min.js?v=..."></script>
<script src="/core/vendor/jquery-migrate/jquery-migrate.min.js?v=..."></script>
<script src="/core/vendor/jquery-ui/ui/jquery-ui.custom.js?v=..."></script>
<script src="/core/vendor/underscore/underscore.js?v=..."></script>
<script src="/core/vendor/moment/min/moment-with-locales.js?v=..."></script>
<script src="/core/vendor/handlebars/handlebars.js?v=..."></script>
<script src="/core/vendor/blueimp-md5/js/md5.js?v=..."></script>
<script src="/core/vendor/bootstrap/js/tooltip.js?v=..."></script>
<script src="/core/vendor/backbone/backbone.js?v=..."></script>
<script src="/core/vendor/es6-promise/dist/es6-promise.js?v=..."></script>
<script src="/core/vendor/davclient.js/lib/client.js?v=..."></script>
<script src="/core/vendor/clipboard/dist/clipboard.js?v=..."></script>
<script src="/core/vendor/bowser/src/bowser.js?v=..."></script>
<script src="/core/js/jquery.ocdialog.js?v=..."></script>
<script src="/core/js/oc-dialogs.js?v=..."></script>
<script src="/core/js/js.js?v=..."></script>
<script src="/core/js/l10n.js?v=..."></script>
<script src="/core/js/octemplate.js?v=..."></script>
<script src="/core/js/eventsource.js?v=..."></script>
<script src="/core/js/config.js?v=..."></script>
<script src="/core/search/js/search.js?v=..."></script>
<script src="/core/js/oc-requesttoken.js?v=..."></script>
<script src="/core/js/apps.js?v=..."></script>
<script src="/core/js/mimetype.js?v=..."></script>
<script src="/core/js/mimetypelist.js?v=..."></script>
<script src="/core/vendor/snapjs/dist/latest/snap.js?v=..."></script>
<script src="/core/js/oc-backbone.js?v=..."></script>
<script src="/core/js/placeholder.js?v=..."></script>
<script src="/core/js/jquery.avatar.js?v=..."></script>
<script src="/core/js/shareconfigmodel.js?v=..."></script>
<script src="/core/js/sharemodel.js?v=..."></script>
<script src="/core/js/sharescollection.js?v=..."></script>
<script src="/core/js/shareitemmodel.js?v=..."></script>
<script src="/core/js/sharedialogresharerinfoview.js?v=..."></script>
<script src="/core/js/sharedialoglinklistview.js?v=..."></script>
<script src="/core/js/sharedialoglinkshareview.js?v=..."></script>
<script src="/core/js/sharedialogmailview.js?v=..."></script>
<script src="/core/js/sharedialoglinksocialview.js?v=..."></script>
<script src="/core/js/sharedialogexpirationview.js?v=..."></script>
<script src="/core/js/sharedialogshareelistview.js?v=..."></script>
<script src="/core/js/sharedialogview.js?v=..."></script>
<script src="/core/js/share.js?v=..."></script>
<script src="/apps/files_videoplayer/js/viewer.js?v=..."></script>
<script src="/apps/firstrunwizard/js/jquery.colorbox.js?v=..."></script>
<script src="/apps/firstrunwizard/js/firstrunwizard.js?v=..."></script>
<script src="/core/js/files/fileinfo.js?v=..."></script>
<script src="/core/js/files/client.js?v=..."></script>
<script src="/core/vendor/jsTimezoneDetect/jstz.js?v=..."></script>
<script src="/core/js/visitortimezone.js?v=..."></script>
<script src="/core/js/lostpassword.js?v=..."></script>
<script src="/core/js/login.js?v=..."></script>
<script src="/core/js/browser-update.js?v=..."></script>

I guess the "guest" layout applies also for things like the "anonymous uploads" view and probably more. But keeping leaner login-authorize pages will result in a better mobile integration.

Feel free to close if considered not relevant. Or if it turns out most of the assets are indeed required or the ones that could go away are a negligible portion.

cc/ @felixheidecke

DeepDiver1975 commented 6 years ago

Just realized how slow the authorization webview for OAuth2 loads under mobile networks / slow connections. Profiling a bit with chrome; I found out there is ~500KB worth of JS and CSS assets loaded:

we did not pay that much attention to this because usually they are all grabbed from the browser cache. But for the mobile oauth webview this might be an issue because the user most likely did not hit the server before ....

SamuAlfageme commented 6 years ago

the user most likely did not hit the server before ...

Every webview is sandboxed and run from scratch, so yes: no way there are cached contents as for today.

However, I'm not completely sure removing some unnecessary statics from here and there would speed up the whole workflow. Need to do some benchmarking.

SamuAlfageme commented 6 years ago

Similar to this behavior; yesterday I found out that regular pooling to the /notifications endpoint is also happening under the hood on an open OAuth's "authorize" screen.

As a rule of thumb, I'd say when the top bar (where the notification container is located) is hidden, we should simply not pool this endpoint for events. I'll create an issue.