Replaced JS with HTTP request

I&#x27;m very wary about loading JS from random CDNs. In my opinion, the negative aspects outweigh the benefits by far:<p><pre><code> - The CDN gets to decide *what* code is delivered to *which* users. Could be a prime target for, say, another FERRETCANNON. - If the CDN is compromised, so is your site. - If an attacker on a local network manages to inject poisoned cache data into requests for said CDN, your site is compromised. - All of your visitors are disclosed to the CDN owner. - If the CDN goes down, your site does so, too. Note that the inverse doesn&#x27;t apply: the CDNs superior availability has no positive effect on your site. - Loading from another host may cause an unnecessary DNS lookup and will cause an unnecessary TLS connection.</code></pre>

The link title is missing the operative word &quot;single&quot;. It&#x27;s about changing the number of requests, not the type of request.

Doesn&#x27;t this defeat one of the purposes of Javascript CDNs, that the user already has the exact url cached on their machine?

What would be cool is &lt;script sha=&quot;2afdb28d&quot; name=&quot;angular.js&quot; version=&quot;1.2.10&quot; src=&quot;xxx&quot;&gt;&lt;&#x2F;script&gt;<p>This would mean that browser can essentially cache the exact version of the script from <i>any</i> source, verify it with a hash, and still have a fallback URL to download it from.

In my opinion Google Hosted Libraries[1] are the best way to go if you&#x27;re serving &quot;big&quot; commonly used JavaScript libraries to folks.<p>One of the major upsides is that it&#x27;s so heavily used, that a user probably already has it cached in their browser. At least that&#x27;s the idea, not sure of actual numbers.<p>[1]: <a href="https://developers.google.com/speed/libraries/devguide" rel="nofollow">https:&#x2F;&#x2F;developers.google.com&#x2F;speed&#x2F;libraries&#x2F;devguide</a>

Ah, the mythical HTTP batch GET.<p>Last time I tried this, I ran into the problems of 1) unbounded URL length breaking down in old browsers, routers, etc. and 2) hobbled caching. (And also going against the grain of REST.)<p>I&#x27;d be interested if anyone has actually done something like this successfully. Did you have the issues I did? Was it worth it?

This defeats the purpose of defer and async [1]<p>[1] <a href="https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script" rel="nofollow">https:&#x2F;&#x2F;developer.mozilla.org&#x2F;en-US&#x2F;docs&#x2F;Web&#x2F;HTML&#x2F;Element&#x2F;sc...</a>

Great, but instead, I&#x27;ll take parallel files over SPDY, any day.