At work we’ve been using Amazon Web Services for a long time. In fact Amazon’s Cloudfront (the name of their CDN service) has been a key advantage to speeding up our websites.
The purpose of the CDN is to distribute “static” files that are reasonably stable. This allows those files to be served up to users faster, and consequently allow our websites to load faster.
Besides using a CDN, another way to speed up websites is using GZIP (compression) for website files. Such as GZIP-ing CSS files:
<link rel=’stylesheet’ href=’http://cloudfront.net/css/custom.min.css.gzip’ type=’text/css’/>
And this is when start to go horribly wrong…
Disclaimer: This article refers specifically to Amazon’s CDN service because that is the service that caused problems for us. I suspect most CDN services will have similar problems, due to the nature of how CDNs work.
The problem is this:
- The server sends the HTML code to the browser. Because it’s Apache, the HTML code is sent in GZIP or non-GZIP format depending on what the browser says it accepts.
- But the HTML code links to a GZIP’d file served up by the CDN (such as the sample code shown above linking to a GZIP’d CSS file).
- So for browsers that can handle GZIP, that’s no problem. It can decode the GZIP’d file and life goes on.
- But what about browsers that don’t support GZIP? We’re now telling the browser to read a GZIP’d file, even though it might not be able to do it!
At this stage, most technical people will smirk and say that this should be no problem. Most modern browsers support GZIP, so only people with outdated browsers will have problems. In fact, some high tech snobs, might even say it’s the user’s fault for not upgrading or using the latest browsers. Well in response, here are the browser version stats as of March 2015 (courtesy of netmarketshare.com):
As you can see up to 33.13% of most visitors have problems GZIP. I’m just counting IE8, IE9 & FF36. I’m not even considering the 20.35% of browsers in the “Other” category. Once again, some technical people out there will say IE8 and IE9 does support GZIP, if they have the latest or patches. And while that may be true, a quick Google search of “IE9 gzip” will show all the problems with the “standard” version of IE9. It is worth noting that IE10 is the current version as I write this post. So honestly, if people are still running IE8 and IE9, they’re probably not the type of people to have applied any patches and thus are unlikely to have a browser that truly supports GZIP.
And for the final nail in this discussion, Google documented why even with the latest browsers, you may not be able to process GZIP files:
major reasons why users do not get compressed content: anti-virus software, browser bugs, web proxies … modify the web request so that the web server does not know that the browser can uncompress content. Specifically, they remove or mangle the Accept-Encoding header that is normally sent with every request
What this means is that antivirus software, proxies or firewalls don’t like GZIP files. Because the files are compressed, these security devices cannot look inside the files to make sure it does not contain malicious code (e.g. viruses). As such, it’s their job to stop or block GZIP files.
To sum it up, GZIP is a good thing. But let the webserver negotiate with the browser to serve up GZIP’d files or not (and rely on Apache to serve up a GZIP’d file or not). Do not hard code GZIP files into the HTML.
What’s the bottom line impact?:
- Around 15% of all website visitors can’t process GZIP, due to browsers that don’t support GZIP. So if your website is hard-coded to a GZIP file, it won’t work properly for those people.
- Roughly 75% of all PCs are protected by antivirus software. Many popular antivirus companies does block GZIP (you can Google “
gzip” and to see if your antivirus has such problems). Given this, I’d guess another 10-15% of website visitors are running antivirus software the blocks GZIP, so your website won’t behave correctly for them.
- Firewalls are used to secure most company networks. So if your website is hard-coded to a GZIP file, most visitors looking at your website from their workplace, will have problems.
So the problem is real, and the problem is big. Do not hard code GZIP files into the HTML.