matrix-public-archive/server/lib/set-headers-to-preload-asse...

'use strict';

const assert = require('assert');

const getDependenciesForEntryPointName = require('../lib/get-dependencies-for-entry-point-name');

// Set some preload link headers which we can use with Cloudflare to turn into 103 early
// hints, https://developers.cloudflare.com/cache/about/early-hints/
//
// This will turn into a nice speed-up since the server side render can take some time
// while we fetch all the information from the homeserver and the page can have all of
// the assets loaded and ready to go by that time. This way there is no extra delay
// after the page gets served.
function setHeadersToPreloadAssets(res, pageOptions) {
  assert(res);
  assert(pageOptions);
  assert(pageOptions.entryPoint);

  const { styles, preloadScripts } = getDependenciesForEntryPointName(pageOptions.entryPoint);

  // XXX: Should we add `nopush` to the `Link` headers here? Many servers initiate an
  // HTTP/2 Server Push when they encounter a preload link in HTTP header form
  // otherwise. Do we want/care about that (or maybe we don't)? (mentioned in
  // https://medium.com/reloading/preload-prefetch-and-priorities-in-chrome-776165961bbf#6f54)

  const styleLinks = styles.map((styleUrl) => {
    return `<${styleUrl}>; rel=preload; as=style`;
  });

  // TODO: We should preload fonts as well.
  //
  // We use `cors` because fonts are fetched with "CORS mode 'cors'" (see
  // https://drafts.csswg.org/css-fonts/#font-fetching-requirements)
  //
  // TODO: Should this be `cors` or `crossorigin`?
  // https://www.smashingmagazine.com/2016/02/preload-what-is-it-good-for/#headers shows
  // `crossorigin` but
  // https://html.spec.whatwg.org/multipage/links.html#link-type-preload (the spec) says
  // `cors` so I'm not sure.
  //
  // `Link: <font_to_load.woff2>; rel=preload; as=font; cors`

  // We use `rel=modulepreload` instead of `rel=preload` for the JavaScript modules
  // because it's a nice dedicated thing to handle ESM modules that not only downloads
  // and puts it in the cache like a normal `rel=preload` but the browser also knows
  // it's a JavaScript module now and can parse/compile it so it's ready to go.
  //
  // Also as a note: `<script type="module">` with no `crossorigin` attribute indicates
  // a credentials mode of `omit` so you will run into CORS issues with a naive `Link:
  // <thing_to_load.js>; rel=preload; as=script;` because it defaults to `same-origin` and there
  // is a mismatch (see
  // https://html.spec.whatwg.org/multipage/links.html#link-type-preload ->
  // https://fetch.spec.whatwg.org/#concept-request-credentials-mode). We could set the
  // credentials mode to match using `rel=preload; as=script; omit` but then we lose the
  // extra parse/compile step that `rel=modulepreload` gives.
  //
  // See https://developer.chrome.com/blog/modulepreload/#ok-so-why-doesnt-link-relpreload-work-for-modules
  // Spec: https://html.spec.whatwg.org/multipage/links.html#link-type-modulepreload
  const scriptLinks = preloadScripts.map((scriptUrl) => {
    return `<${scriptUrl}>; rel=modulepreload`;
  });

  res.append('Link', [].concat(styleLinks, scriptLinks).join(', '));
}

module.exports = setHeadersToPreloadAssets;
Add preload link headers for downstream Cloudflare early hints (#171) Because it takes us at best several seconds to request information from a homeserver and then server-side render the page, the browser has to wait for the response before it can even try loading the necessary assets. With this change that facilitates early hints, the browser can preload all of the assets necessary before we are done generating the response and will be ready to go by the time we're all done on the server. Fix https://github.com/matrix-org/matrix-public-archive/issues/32 Part of https://github.com/matrix-org/matrix-public-archive/issues/132 See https://developers.cloudflare.com/cache/about/early-hints/ for information on enabling in Cloudflare 2023-04-19 13:20:01 -06:00			`'use strict';`

			`const assert = require('assert');`

Production ready build (#175) - Rename `public` -> `client` so it doesn't get copied automagically as-is (without hashes which we want for cache busting), https://vitejs.dev/guide/assets.html#the-public-directory - We still build the version files to `public/` so their copied as-is and Vite handles it for us (so we can use `emptyOutDir`) - Use a multiple entrypoint `.js` Vite build so things can be more intelligently bundled and take less time - We aren't using library mode because it doesn't minify or bundle assets - Using hash asset tags for cache busting. Hash of the file included in the file name - We lookup these hashed assets from `manifest.json` that Vite builds (https://vitejs.dev/guide/backend-integration.html) to serve and preload - In terms of optimized bundles, I know the current output isn't great now but will have to opt to fix that up separately in the future. Tracked by https://github.com/matrix-org/matrix-public-archive/issues/176 2023-04-24 22:50:53 -06:00			`const getDependenciesForEntryPointName = require('../lib/get-dependencies-for-entry-point-name');`

Add preload link headers for downstream Cloudflare early hints (#171) Because it takes us at best several seconds to request information from a homeserver and then server-side render the page, the browser has to wait for the response before it can even try loading the necessary assets. With this change that facilitates early hints, the browser can preload all of the assets necessary before we are done generating the response and will be ready to go by the time we're all done on the server. Fix https://github.com/matrix-org/matrix-public-archive/issues/32 Part of https://github.com/matrix-org/matrix-public-archive/issues/132 See https://developers.cloudflare.com/cache/about/early-hints/ for information on enabling in Cloudflare 2023-04-19 13:20:01 -06:00			`// Set some preload link headers which we can use with Cloudflare to turn into 103 early`
			`// hints, https://developers.cloudflare.com/cache/about/early-hints/`
			`//`
			`// This will turn into a nice speed-up since the server side render can take some time`
			`// while we fetch all the information from the homeserver and the page can have all of`
			`// the assets loaded and ready to go by that time. This way there is no extra delay`
			`// after the page gets served.`
			`function setHeadersToPreloadAssets(res, pageOptions) {`
			`assert(res);`
			`assert(pageOptions);`
Production ready build (#175) - Rename `public` -> `client` so it doesn't get copied automagically as-is (without hashes which we want for cache busting), https://vitejs.dev/guide/assets.html#the-public-directory - We still build the version files to `public/` so their copied as-is and Vite handles it for us (so we can use `emptyOutDir`) - Use a multiple entrypoint `.js` Vite build so things can be more intelligently bundled and take less time - We aren't using library mode because it doesn't minify or bundle assets - Using hash asset tags for cache busting. Hash of the file included in the file name - We lookup these hashed assets from `manifest.json` that Vite builds (https://vitejs.dev/guide/backend-integration.html) to serve and preload - In terms of optimized bundles, I know the current output isn't great now but will have to opt to fix that up separately in the future. Tracked by https://github.com/matrix-org/matrix-public-archive/issues/176 2023-04-24 22:50:53 -06:00			`assert(pageOptions.entryPoint);`
Add preload link headers for downstream Cloudflare early hints (#171) Because it takes us at best several seconds to request information from a homeserver and then server-side render the page, the browser has to wait for the response before it can even try loading the necessary assets. With this change that facilitates early hints, the browser can preload all of the assets necessary before we are done generating the response and will be ready to go by the time we're all done on the server. Fix https://github.com/matrix-org/matrix-public-archive/issues/32 Part of https://github.com/matrix-org/matrix-public-archive/issues/132 See https://developers.cloudflare.com/cache/about/early-hints/ for information on enabling in Cloudflare 2023-04-19 13:20:01 -06:00
Production ready build (#175) - Rename `public` -> `client` so it doesn't get copied automagically as-is (without hashes which we want for cache busting), https://vitejs.dev/guide/assets.html#the-public-directory - We still build the version files to `public/` so their copied as-is and Vite handles it for us (so we can use `emptyOutDir`) - Use a multiple entrypoint `.js` Vite build so things can be more intelligently bundled and take less time - We aren't using library mode because it doesn't minify or bundle assets - Using hash asset tags for cache busting. Hash of the file included in the file name - We lookup these hashed assets from `manifest.json` that Vite builds (https://vitejs.dev/guide/backend-integration.html) to serve and preload - In terms of optimized bundles, I know the current output isn't great now but will have to opt to fix that up separately in the future. Tracked by https://github.com/matrix-org/matrix-public-archive/issues/176 2023-04-24 22:50:53 -06:00			`const { styles, preloadScripts } = getDependenciesForEntryPointName(pageOptions.entryPoint);`
Add preload link headers for downstream Cloudflare early hints (#171) Because it takes us at best several seconds to request information from a homeserver and then server-side render the page, the browser has to wait for the response before it can even try loading the necessary assets. With this change that facilitates early hints, the browser can preload all of the assets necessary before we are done generating the response and will be ready to go by the time we're all done on the server. Fix https://github.com/matrix-org/matrix-public-archive/issues/32 Part of https://github.com/matrix-org/matrix-public-archive/issues/132 See https://developers.cloudflare.com/cache/about/early-hints/ for information on enabling in Cloudflare 2023-04-19 13:20:01 -06:00
Fix preload link headers (#185) Follow-up to https://github.com/matrix-org/matrix-public-archive/pull/171 and https://github.com/matrix-org/matrix-public-archive/pull/175 where they broke because we went from scripts to modules. Part of https://github.com/matrix-org/matrix-public-archive/issues/132 Before this PR, we were seeing these warning in the Chrome devtools console: ``` A preload for 'foo' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute. ``` This is caused by a credentials mode mismatch between the `<script type="module">` tag and the `Link` header. A `<script type="module">` with no `crossorigin` attribute indicates a credentials mode of `omit` and a naive `Link: </foo-url>; rel=preload; as=script;` has a default credentials mode of `same-origin`, hence the mismatch and warning we're seeing. We could set the credentials mode to match using `Link: </foo-url>; rel=preload; as=script; omit` but there is an even better option! We can use the dedicated `Link: </foo-url>; rel=modulepreload` link type which not only downloads and puts the the file in the cache like a normal preload but the browser also knows it's a JavaScript module now and can parse/compile it so it's ready to go. --- Future consideration: Adding `nopush` to preload link headers. Many servers initiate an HTTP/2 Server Push when they encounter a preload link in HTTP header form otherwise. Do we want/care about that (or maybe we don't)? (mentioned in https://medium.com/reloading/preload-prefetch-and-priorities-in-chrome-776165961bbf#6f54) --- References for preload `Link` headers: - https://medium.com/reloading/preload-prefetch-and-priorities-in-chrome-776165961bbf#6f54 - https://html.spec.whatwg.org/multipage/links.html#link-type-preload - https://www.smashingmagazine.com/2016/02/preload-what-is-it-good-for/#headers - https://developer.chrome.com/blog/modulepreload/#ok-so-why-doesnt-link-relpreload-work-for-modules 2023-04-26 02:29:57 -06:00			// XXX: Should we add `nopush` to the `Link` headers here? Many servers initiate an
			`// HTTP/2 Server Push when they encounter a preload link in HTTP header form`
			`// otherwise. Do we want/care about that (or maybe we don't)? (mentioned in`
			`// https://medium.com/reloading/preload-prefetch-and-priorities-in-chrome-776165961bbf#6f54)`

Add preload link headers for downstream Cloudflare early hints (#171) Because it takes us at best several seconds to request information from a homeserver and then server-side render the page, the browser has to wait for the response before it can even try loading the necessary assets. With this change that facilitates early hints, the browser can preload all of the assets necessary before we are done generating the response and will be ready to go by the time we're all done on the server. Fix https://github.com/matrix-org/matrix-public-archive/issues/32 Part of https://github.com/matrix-org/matrix-public-archive/issues/132 See https://developers.cloudflare.com/cache/about/early-hints/ for information on enabling in Cloudflare 2023-04-19 13:20:01 -06:00			`const styleLinks = styles.map((styleUrl) => {`
			return `<${styleUrl}>; rel=preload; as=style`;
			`});`

Fix preload link headers (#185) Follow-up to https://github.com/matrix-org/matrix-public-archive/pull/171 and https://github.com/matrix-org/matrix-public-archive/pull/175 where they broke because we went from scripts to modules. Part of https://github.com/matrix-org/matrix-public-archive/issues/132 Before this PR, we were seeing these warning in the Chrome devtools console: ``` A preload for 'foo' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute. ``` This is caused by a credentials mode mismatch between the `<script type="module">` tag and the `Link` header. A `<script type="module">` with no `crossorigin` attribute indicates a credentials mode of `omit` and a naive `Link: </foo-url>; rel=preload; as=script;` has a default credentials mode of `same-origin`, hence the mismatch and warning we're seeing. We could set the credentials mode to match using `Link: </foo-url>; rel=preload; as=script; omit` but there is an even better option! We can use the dedicated `Link: </foo-url>; rel=modulepreload` link type which not only downloads and puts the the file in the cache like a normal preload but the browser also knows it's a JavaScript module now and can parse/compile it so it's ready to go. --- Future consideration: Adding `nopush` to preload link headers. Many servers initiate an HTTP/2 Server Push when they encounter a preload link in HTTP header form otherwise. Do we want/care about that (or maybe we don't)? (mentioned in https://medium.com/reloading/preload-prefetch-and-priorities-in-chrome-776165961bbf#6f54) --- References for preload `Link` headers: - https://medium.com/reloading/preload-prefetch-and-priorities-in-chrome-776165961bbf#6f54 - https://html.spec.whatwg.org/multipage/links.html#link-type-preload - https://www.smashingmagazine.com/2016/02/preload-what-is-it-good-for/#headers - https://developer.chrome.com/blog/modulepreload/#ok-so-why-doesnt-link-relpreload-work-for-modules 2023-04-26 02:29:57 -06:00			`// TODO: We should preload fonts as well.`
			`//`
			// We use `cors` because fonts are fetched with "CORS mode 'cors'" (see
			`// https://drafts.csswg.org/css-fonts/#font-fetching-requirements)`
			`//`
			// TODO: Should this be `cors` or `crossorigin`?
			`// https://www.smashingmagazine.com/2016/02/preload-what-is-it-good-for/#headers shows`
			// `crossorigin` but
			`// https://html.spec.whatwg.org/multipage/links.html#link-type-preload (the spec) says`
			// `cors` so I'm not sure.
			`//`
			// `Link: <font_to_load.woff2>; rel=preload; as=font; cors`

			// We use `rel=modulepreload` instead of `rel=preload` for the JavaScript modules
			`// because it's a nice dedicated thing to handle ESM modules that not only downloads`
			// and puts it in the cache like a normal `rel=preload` but the browser also knows
			`// it's a JavaScript module now and can parse/compile it so it's ready to go.`
			`//`
			// Also as a note: `<script type="module">` with no `crossorigin` attribute indicates
			// a credentials mode of `omit` so you will run into CORS issues with a naive `Link:
			// <thing_to_load.js>; rel=preload; as=script;` because it defaults to `same-origin` and there
			`// is a mismatch (see`
			`// https://html.spec.whatwg.org/multipage/links.html#link-type-preload ->`
			`// https://fetch.spec.whatwg.org/#concept-request-credentials-mode). We could set the`
			// credentials mode to match using `rel=preload; as=script; omit` but then we lose the
			// extra parse/compile step that `rel=modulepreload` gives.
			`//`
			`// See https://developer.chrome.com/blog/modulepreload/#ok-so-why-doesnt-link-relpreload-work-for-modules`
			`// Spec: https://html.spec.whatwg.org/multipage/links.html#link-type-modulepreload`
Production ready build (#175) - Rename `public` -> `client` so it doesn't get copied automagically as-is (without hashes which we want for cache busting), https://vitejs.dev/guide/assets.html#the-public-directory - We still build the version files to `public/` so their copied as-is and Vite handles it for us (so we can use `emptyOutDir`) - Use a multiple entrypoint `.js` Vite build so things can be more intelligently bundled and take less time - We aren't using library mode because it doesn't minify or bundle assets - Using hash asset tags for cache busting. Hash of the file included in the file name - We lookup these hashed assets from `manifest.json` that Vite builds (https://vitejs.dev/guide/backend-integration.html) to serve and preload - In terms of optimized bundles, I know the current output isn't great now but will have to opt to fix that up separately in the future. Tracked by https://github.com/matrix-org/matrix-public-archive/issues/176 2023-04-24 22:50:53 -06:00			`const scriptLinks = preloadScripts.map((scriptUrl) => {`
Fix preload link headers (#185) Follow-up to https://github.com/matrix-org/matrix-public-archive/pull/171 and https://github.com/matrix-org/matrix-public-archive/pull/175 where they broke because we went from scripts to modules. Part of https://github.com/matrix-org/matrix-public-archive/issues/132 Before this PR, we were seeing these warning in the Chrome devtools console: ``` A preload for 'foo' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute. ``` This is caused by a credentials mode mismatch between the `<script type="module">` tag and the `Link` header. A `<script type="module">` with no `crossorigin` attribute indicates a credentials mode of `omit` and a naive `Link: </foo-url>; rel=preload; as=script;` has a default credentials mode of `same-origin`, hence the mismatch and warning we're seeing. We could set the credentials mode to match using `Link: </foo-url>; rel=preload; as=script; omit` but there is an even better option! We can use the dedicated `Link: </foo-url>; rel=modulepreload` link type which not only downloads and puts the the file in the cache like a normal preload but the browser also knows it's a JavaScript module now and can parse/compile it so it's ready to go. --- Future consideration: Adding `nopush` to preload link headers. Many servers initiate an HTTP/2 Server Push when they encounter a preload link in HTTP header form otherwise. Do we want/care about that (or maybe we don't)? (mentioned in https://medium.com/reloading/preload-prefetch-and-priorities-in-chrome-776165961bbf#6f54) --- References for preload `Link` headers: - https://medium.com/reloading/preload-prefetch-and-priorities-in-chrome-776165961bbf#6f54 - https://html.spec.whatwg.org/multipage/links.html#link-type-preload - https://www.smashingmagazine.com/2016/02/preload-what-is-it-good-for/#headers - https://developer.chrome.com/blog/modulepreload/#ok-so-why-doesnt-link-relpreload-work-for-modules 2023-04-26 02:29:57 -06:00			return `<${scriptUrl}>; rel=modulepreload`;
Add preload link headers for downstream Cloudflare early hints (#171) Because it takes us at best several seconds to request information from a homeserver and then server-side render the page, the browser has to wait for the response before it can even try loading the necessary assets. With this change that facilitates early hints, the browser can preload all of the assets necessary before we are done generating the response and will be ready to go by the time we're all done on the server. Fix https://github.com/matrix-org/matrix-public-archive/issues/32 Part of https://github.com/matrix-org/matrix-public-archive/issues/132 See https://developers.cloudflare.com/cache/about/early-hints/ for information on enabling in Cloudflare 2023-04-19 13:20:01 -06:00			`});`

			`res.append('Link', [].concat(styleLinks, scriptLinks).join(', '));`
			`}`

			`module.exports = setHeadersToPreloadAssets;`