F2E's Creeds

1. F2E's Creeds
Morgan Cheng

2. Yahoo 1994
3. Yahoo! 1995
4. Yahoo! 2000
5. First F2E Hired in 2001
6. Yahoo! 2002
7. Yahoo! 2006
8. Yahoo! 2011
9. More
10. ~700 Frontend Engineers
11. Frontend Skill Set
12. Beyond Skill Set
13. F2E's Creeds
14. Creed I: Performance is Feature / Performance is Key Feature
15. Slow Web Sites Won't Win!
16. Time Spent on Frontend
July 2008
17. Frontend Optimization is Key to Website Performance
18. 14 Performance Best Practices
Make fewer HTTP requests
Use a CDN
Add an Expires header
Gzip components
Put CSS at the top
Move JS to the bottom
Avoid CSS expressions
Make JS and CSS external
Reduce DNS lookups
Minify JS
Avoid redirects
Remove duplicate scripts
Turn off ETags
Make AJAX cacheable and small
19. More

Minimize DOM Operations
Develop Smart Event Handlers
Preload Components

http://developer.yahoo.com/performance/rules.html
20. Focus on Perceived Performance
21. Measure It!
22. Creed II: Progressive Enhancement
23. Browser World is Messy
24. Web Layers
Behavior
Presentation
Content
25. Graded Browser Support
http://developer.yahoo.com/yui/articles/gbs/
26. A-Graded Browsers
27. Unobtrusive JavaScript
28. What is Obtrusive JavaScript

29. What is Unobtrusive JavaScript

document.getElementById('date')
  .addEventListener('change', validateDate);
30. Creed III: Be Paranoid
31. The Web is So Vulnerable
32. What's wrong with this Code?

33. SQL Injection Attack

What if $_POST['username'] is
x OR 1=1 ?
34. What's wrong with this Code?


You are referred from


35. XSS Attack


You are referred from


What if the URL is
http://www.yahoo.com/?from=
36. Your Cookie is Stolen


You are referred from



37. What's wrong with this Code?

38. CSRF Attack

The request might not be the user's intention
39. Attackers are Smart!
40. Don't Trust User Input
41. Always Assume That Bad Guys Could Read Your Code
42. Paranoids
43. F2E's Creeds
Performance is Key Feature
Progressive Enhancement
Be Paranoid
44. Thanks
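
Added example for slides 34-36 and 40 (not code from the original deck): the "You are referred from" page rendered from the `from` query parameter, first by raw concatenation and then with output encoding and a scheme allow-list. The function names and sample URLs are constructed for illustration.

```javascript
// Characters that must be encoded before untrusted text is placed
// in HTML element content or a double-quoted attribute value.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Read the `from` parameter of the page URL (empty string if absent).
function getFrom(pageUrl) {
  return new URL(pageUrl).searchParams.get('from') ?? '';
}

// Unsafe pattern: user input is concatenated into markup as-is,
// so any tags in `from` become part of the page.
function renderReferrerUnsafe(pageUrl) {
  return '<p>You are referred from ' + getFrom(pageUrl) + '</p>';
}

// Safe for text context: the value is encoded, so it displays as text.
function renderReferrerSafe(pageUrl) {
  return '<p>You are referred from ' + escapeHtml(getFrom(pageUrl)) + '</p>';
}

// Safe for link context: encoding alone is not enough inside href,
// so only http(s) URLs become links; anything else falls back to text.
function renderReferrerLink(pageUrl) {
  const from = getFrom(pageUrl);
  let target = null;
  try { target = new URL(from); } catch { /* not an absolute URL */ }
  if (!target || !['http:', 'https:'].includes(target.protocol)) {
    return renderReferrerSafe(pageUrl);
  }
  return '<p>You are referred from <a href="' + escapeHtml(target.href) + '">' +
    escapeHtml(from) + '</a></p>';
}

// Constructed sample input: benign markup in the `from` parameter.
const sample = 'http://www.yahoo.com/?from=%3Cb%3Ebold%3C%2Fb%3E';
console.log(renderReferrerUnsafe(sample)); // markup passes through
console.log(renderReferrerSafe(sample));   // markup is shown as text
```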