►
From YouTube: Websites Weekly Meeting (Feb 28th, 2022)
Description
Layer5 Websites Meeting - February 28th, 2022
Agenda:
- Image optimization for Community page. #2610
- Resource Optimization #2616
- https://www.gatsbyjs.com/plugins/gatsby-plugin-loadable-components-ssr/
- Image elements do not have explicit width and height ( check PageSpeed Insights)
- Also add missing alt attributes, if any.
- in auth.layer5.io (or meshery.layer5.io) - Point out where x-frame header can be set in Golang. Meshery Cloud
Join the community at https://layer5.io/community
Find Layer5 on:
GitHub: https://github.com/layer5io
Twitter: https://twitter.com/layer5
LinkedIn: https://www.linkedin.com/company/layer5
Docker Hub: https://hub.docker.com/u/layer5/
B
Okay,
so
abhijai
and
yash
they
were
working
on
the
get
knight
hog
dog
sidebar.
So
basically,
what
we
discussed
in
last
year
last
month
was
that
this
is
like
covering
the
text
and
we
should
probably
move
it
to
the
side
and
we
suggested,
I
think
the
top
left
corner
here
and
they've
come
up
with
two
designs.
A
Cool-
and
this
is
the
website's
call
for
monday
february,
28th,
nice,
so
yeah
there's
a
couple
of,
I
think
one
of
the
things
that
is
a
challenge
for
in
part
as
a
challenge,
for
the
way
that
this
site
is.
Is
that
well,
it's
a
single
site,
and
it
has
you
know,
information
about
the
project,
its
features,
its
functions,
and
then
it
also
has
a
full
set
of
well
where
it
has
documentation
as
well,
and
the
documentation
is,
you
know,
is
enough
to
navigate
onto
its
own.
A
A
A
D
D
G
D
I
F
C
A
A
That's
in
the
upper
right
hand
corner,
because
it's
just
you
know,
that's
more
of
a
common
placement,
but
if
they
both
do
stay
yeah
that,
like
yash's,
pull
tab
in
the
mesher
ui,
if
that,
if
there
were
something
similar
kind
of
a
vertical
rectangular
like
slider
or
a
bar,
that
you
click
on
that
that
says
geo.
So
I
don't
know
what,
if
it
I
don't,
I
mean
the
acronym
toc,
isn't
necessarily
intuitive
either
yeah.
Oh,
that's
funny!
Okay,
fine!
Now,
abba
j
is
just
showing
off.
I
guess.
Okay,
but
yeah.
A
I
mean
that
that's
a
heck
of
a
lot.
That's
a
good!
It's
a
great
step
right
there
I
mean.
I
mean
that
that
to
me,
especially
if
the
the
double
chevrons
were
like
vertically
aligned
in
the
or
horizontally
in
the
middle,
that
that's
certainly
indicative
of
like
I
would
expect
to
see
something
of
a
menu.
I
would
expect
to
see
a
temporary.
You
know
something
and
then,
to
the
extent
that
that's
a
navigator
that
makes
a
ton
of
sense,
yeah.
C
C
Yeah,
so
can
you
open
that
pier
so
yeah,
so
yeah
vidya
is
working
on
implementing
open
graph
for
the
nighthawk
project
but
like
she
was
facing
some
health
issues?
That's
why
she
is
not
able
to
contribute
in
on
this
fair.
But,
like
I
tried
on
my
side,
I
used
the
same
dimensions
which
is
mentioned
for
the
twitter
and
for
the
facebook,
but
it
is
not
working.
I
don't
know
why
it
is
not
working
so
can
we
apply.
I
have
a
question
that
can
we
apply
padding
on
these
images?
C
A
C
A
A
By
the
background
I
mean
not
the
green
part
of
the
logo,
but
the
the
rest
of
the
image
itself
just
needs
a
little
more.
They
like
to
have
certain
aspect
ratios
and
so
twitter
is
set
to
do
like
a
fill
content
type
thing,
and
so,
if
the
image
doesn't
isn't
in
of
the
dimensions
of
the
aspect
ratio
that
they
like
or
not,
I'm
sorry
that
they
like,
but
that
they
use.
Then
then
your
image
will
spill
over
it
like
ours
is
so
we
need
it
to
be
a
little
taller
than
it
is
wider.
C
A
D
G
A
C
C
C
So
most
of
the
images
are
working
perfectly,
but
give
me
a
second
like
this
google
summer
of
code.
This
image
is
cropped
out
from
top
and
bottom,
so
there
are
some
couple
of
images
which
are
getting
cropped.
So
I
like
this
image,
also
like
it,
is
getting
cropped
from
top
and
bottom.
I
tried
to
fix
it
using
css
properties
like
I
use
bunch
of
css
properties
so
that
it
could
get
contained
inside
a
wrapper
but
turns
out
like
after
optimizing.
E
I
asked
it
around
in
gatsby
community
about
the
image
dropping
it.
We
are
also
facing
it
in
the
books
yeah
book
stage.
They
are
saying
that
it
might
be
a
single
image
issue.
They're
also
they're,
also
not
sure
about
that,
because
in
a
slider
of
four
there
is
only
one
image
which
is
cropping
out
so
yeah.
A
Just
as
a
quick
recap,
the
you're
trying
to
make
some
performance
improvements
by
ensuring
that
the
the
file
size
of
each
of
the
images
loads
with
as
high
quality
as
possible,
but
also
as
quickly
as
possible.
In
doing
so,
your
you
know
we're
relying
on
the
plug-in
to
help
with
that
part
of
what
you're
finding
is
that
the
images
don't
quite
fit.
That's
what
you're
saying
some
of
them
one
or
two
of
them
get
cropped
yeah.
H
A
Yeah
yeah,
it
just
has
to
do
again
with
the
exact
kind
of
issue
that
we're
facing.
We
were
just
talking
about
it.
It's
about
aspect
ratio,
I
mean,
if
you
think
about
it,
like
it,
wouldn't
really
yeah
see
right
there
on
the
right
hand,
side
where
this
head
well.
Okay,
so
you
know
you
see
how
the
right-hand
side
arrow
is
off
and
there's
extra
margin
on
the
right-hand
side,
okay,
yeah
that
may
or
may
not
have
anything
to
do
with
aspect
ratio.
A
Or
what
have
you
like,
then
like
see
right
there
that
that
picture,
if
you
go
back
one
okay
to
the
istio
up
and
running
so
so
it's
quite
a
tall
image.
If
you
can
you
press,
can
you
do
okay?
So
if
we
okay,
all
right
so
do
you
guys
see
the
up
the
chevron
that
is
the
up
arrow
in
the
lower
right
hand
corner?
Doesn't
that
look
strikingly
like
it
fits
very
well
in
the
margin
there?
Maybe
because
maybe
it's
having
an
effect
and
bumping
over
the
carousel
potentially
is
another
potential
possibility.
A
Do
we
still
have
the
same
margin
issue
these
doing
these
couple
of
tests
can
tell
you
like
hey
it's
an
aspect
ratio
issue
with
the
images
that
are
in
the
carousel
or
it's
not
in
like
more
because
of
the
results
of
what
just
happened.
It's
like!
Maybe
it's
not
having
to
do
with
the
aspect
ratio
of
the
image,
because,
because
it's
okay,
actually
another
way
of
testing,
is
reduce
the
width
by
a
three-quarter
by
a
quarter.
So
have
it
like
three-quarters
of
the
width
of
what
you
have
it
right
now?
A
A
A
Yeah,
I
I
my
money
is
on
that
chevron
that
that
top
button
being
the
issue
seems
like
it's
probably
I
don't
know,
maybe
not
like
it.
Overlaps
see.
If
you
s,
if
you
position
the
chevron
right
in
the
middle
of
the,
if
you
go
up
just
a
little
bit,
yeah
right
there,
yeah,
okay,
the
fact
that
it's
overlapping
okay,
maybe
there's.
B
D
D
I
just
noticed
that
so
that
was
also
updated
in
the
appear,
though,
it's
that
yes
get
too
much
and
the
other
one
is
limiting
this
component
to
the
pages
only
where
it
is
used,
but
so
this
weekend
I
did
something
and
unfortunately
how
gatsby
work
is
it's
clearly
packages
or
the
like.
Webpack
is
used
as
the
mediator
to
create
the
package
or
the
scripts,
which
would
be
load
for
the
page
and
by
default,
since
it's
a
static
site,
all
the
ships
are
loaded
together
on
the
home,
page
etc
by
default.
D
If
we
are
not
lazy
loading
it
so
in
case
of
our
website,
we
don't
until
react
18.
We
don't
have
react
easily
supported,
so
we
don't
have
the
feature
of
vrcleave,
but
there's
another
option
that
is
loadable
console
and
galaxy
provides
the
plugin,
which
is
cat,
reloadable,
loadable
component
ssr
for
server
side
rendering.
D
D
A
D
But
unfortunately,
when
I
tried
to
use
that
plugin
our
project
in
layer
56
and
try
to
come,
build
the
site
locally.
It
was
feeling
so
I've
added
that,
like
I've
commented
it
in
the
respective
repo
of
that
plugin
like
there
was
an
issue
related
to
it.
Some
time
ago
they
made
a
new
lease
and
supposedly
that
should
have
been
fixed,
but
that's
still
reproducible.
D
A
B
D
D
D
D
If
one
can
do
so,
then
that
would
allow
click
checking
issue
like
allowing
someone
to
use
our
site
as
a
dummy
image
in
their
own
site,
so
that
someone
could
hack
your
machine
or
do
some
other
stuff
which
you
are
not
interested
in,
so
that
would
but
using
x
parameters
that
could
be
avoided.
But
again
that
brings
us
to
the
issue
that,
since
we
are
using
data
pages,
we
can't
control
the
diversion.
A
Yeah
I
mean
like
the
yeah,
the
individual
that
sent
in
the
clickjacking
security
concern
is
doing
what
a
lot
of
people
do,
which
is
looking
to
build
up
a
resume
of
having
sent
in
security
issues,
and
it's
just
like
that's
never
going
to
affect.
We
don't
ask,
we
don't
really
ask
anybody
for
yeah,
we
do
a
there's,
nothing,
we
can
do
about
it
b.
It
ain't
ever
gonna
happen
c
is
wasting
our
time.
A
On
layer5.io,
then,
there
might
be
incentive
to
try
to
click
jack,
to
try
to
trick
our
users
into
filling
in
their
credentials,
sensitive
info
and
then
and
trying
to
steal
it.
I
mean
today
we
just
there's
none
of
that
going
on
other
than
someone
typing
in
an
email
address
into
a
form
and
there's
like
zero
incentive
for
anybody
to
actually
come
and
try
to
click
jack,
us
plus
the
resolute.
So
the
probability
is
quite
low.
A
The
severity
is
quite
low
and
then
our
ability
to
do
anything
about
it
in
it
at
the
moment
is
nil.
So
it's
like
now
having
said
that,
as
we
look
toward
the
learning
paths
and
we
look
to
have
people
log
in
so
they
can
track
their,
so
they
can
keep
track
of
their
bookmarks,
so
they
can
keep
track
of
maybe
quiz
answer,
quizzes
and
quiz
answers
that
they've
asked
and
that
they've
answered.
A
A
The
same
authentication
service
that
that
we
run
to
allow
people
to
sign
in
to
measure
that's
probably
the
same.
It's
it's
a
small
golang
program
that
was
written
here
so
that
we
control
it
runs
in
a
super,
tiny
vm
on
aws
and
and
so
we
can
take
and
redirect
this
click
jacking
concern
to
that
I
mean
that
would
be
my
suggestion.
A
A
A
That's
because
this
system
isn't
meant
for
general
purpose
login.
It's
meant
for
mesh
a
mesh
reservoir
instance
semester
ui
instance
to
initiate
a
login
request
and
when
it
does,
it
passes
along
certain
certain
query,
string
parameters
and
since
those
are
missing
so
anyway,
so
we
don't.
We
don't
really
have
a
click.
Jacking
we're
not
really
vulnerable
to
click
jacket
because
there's
nothing
to
jack
and
then
so
that
sets
that,
aside
for
our
current,
you
know
site
moving
forward
as
we
have
the
ability
to
sign
in
it's
like
yeah.
You
know,
okay,
this
is
good.
A
This
is
actually
we
have
a
remind.
We
have
a
healthy
suggestion
up
front
that
we
should
make
sure
that
our
server
is
setting
these
x-frame
headers.
So
one
thing
that
we
could
test,
I
think
I
think
right
now
is.
If
we
were
to
look
at
the
page
source
on
this
page
is
in-
and
you
know,
is
it
setting
those
headers
and
and
if
not,
this
is
a
good
place
to
address
it
or
we
can
address
it
up
front.
I
should.
A
Nikhil
now
the
solution,
a
question
for
you
in
case
you
know
the
the
solution
here
needs
to
be
performed
server-side,
because
otherwise,
if
it
was
just
client-side,
you
could
hack
around
that
or
hackers
could
get
around
that
setting.
So
the
setting
needs
to
come
from
the
web
server
from
the
server
that's
serving
the
pages
so.
A
A
Does
that
make?
Does
that
make
sense
to
everybody
like
you
know,
quickjacking
to
me?
It's
not
not
being
security
focused,
you
know
it's
something
that
I
had
to
go
look
up
to
just
sort
of
see
the
details
of
what
might
go
on
and
it's
you
know
more
or
less
like
a
form
of
a
man-in-the-middle
attack,
which
is
to
say
with
iframes.
A
A
You
can
display
one
web
page
inside
of
another
web
page
basically,
and
so
what
nikhil
was
describing
just
to
describe
clickjack
just
for
everyone
to
get
something
out
of
the
last
eight
minutes
of
me.
Droning
on
click.
Jacking
is
essentially
a
man-in-the-middle
attack
and
someone
correct
me
if
I
get
this
wrong,
but
it's
a
man
in
the
middle
of
attack
in
which
a
visitor
would
go
to
a
url.
You
know
they
would
visit
a
url
unbeknownst
to
them.
There
would
basically
be
an
iframe,
that's
transparent,
that's
sort
of
invisible
to
them.
A
That
is
sit
more
or
less.
You
know
essentially
sitting
on
top
of
the
real
site
that
you're
visiting.
So
since
it's
transparent,
you
basically
see
the
real
site
and
you
click
through
it.
You
type
you
type
into
it,
you
do
it
you,
normally
you
know
to
a
user,
it's
transparent
but
unbeknownst
to
them,
because
there's
this
like
transparent,
iframe
sitting
in
between
their
keyboard
and
their
mouse,
that
other
that
iframe
is
able
to
capture
keystrokes
and
mouse
clicks
and
basically
capture
sensitive
info
in
that
way.
A
A
A
A
Ask
you
to
log
in
this
is
the
first
page
that
you
see
when
you
pull
up
your
meshre
interface
you're.
Actually,
you
know
you're
sitting
at
this
url
slash
provider,
which
is
to
say
that
that
mescheri's
rest
endpoints
meshes
rest
based
api
server
and
mescheri's
graphql
based
api
server.
They
both
have
all
of
their
api
endpoints
protected
because
measury
when
you're
running
when
it's
administrating
your
your
clusters,
it
has
a
lot
of
power,
has
a
lot
of
access
to
your
cluster.
A
So
you
want
to
you
want
to
protect
those
endpoints
so
that
someone
doesn't
you
know
some
nefarious
actor,
doesn't
use
meshri
to
delete
a
service
mesh
or
delete
your
cluster
or
that
kind
of
thing.
So
almost
all
of
the
measuring
server
endpoints,
which
are
either
one
of
two
things:
it's
either
a
rest,
endpoint
or
a
graphql
point
they're
all
protected,
except
for
like
one.
I
think
just
one
is
open
and
you
can
actually
go
to
it
by
slash
api.
A
If
I
go
to
api
system,
slash
version,
we
just
get
back
a
small
json
blob
that
says
a
bit
of
info
about
mesh
reserver
about
the
system
in
its
version,
so
the
build
number
of
measures,
here's
the
build
number,
here's,
the
here's,
the
current
build
that
I'm
running.
Here's
the
latest
build
that's
out
there.
A
It's
saying
that
it's
saying
it's
outdated!
Wait!
Oh
okay,
am
I
outdated?
Am
I
running
an
old
server
and
saying
no
you're,
not
you're
running
the
latest?
Okay,
I'm
the
anyway!
Well,
I
don't
need
to
explain
all
this
stuff
I
just
anyway.
The
point
is:
is
like
everything's
protected,
except
this
endpoint.
This
endpoint
isn't
protected,
because
if
you
want
to
run
something
like
measuring
ctl
version
like
without
having
logged
into
your
system,
you
wouldn't
be
able
to
to
run
something
like
this.
Unless
this
is
unprotected
so
meshrictl,
it's
just
another
rest
api
client.
A
Like
performance
profiles,
this
is
auth,
so
I
have
so.
This
client
has
a
token
that
it's
using,
that
is
that
this
client
is
separately
authenticated,
which
is
kind
of
interesting
right.
This
client
is
not
authenticated
because
it's
a
private
session,
okay
anyway,
I
digress.
I
digress
all
right
so
so,
if
you
go
when
you,
when
you
go
sign
in
this,
is
measuring
cloud,
this
is
a
remote
provider.
A
So
there's
a
lot
of
details
about
this
that
are
in
the
community
drive
as
well
as
some
of
these
are
in
the
docks
themselves.
So
what
just
happened
is
when
I
clicked
when
I
chose
a
provider.
If
I
go
back
so
from
here,
I
choose
a
provider
I
get
redirected
to
wherever
that
provider
is
hosted
in
this
case,
meshrie
cloud
as
a
provider
is
hosted
at
mestre.layer5.io
now,
because
my
request
came
from
meshre
server
from
mastery's
ui
right
there.
It
also
included
some
of
those
additional
query
string
parameters
that
I
was
referring
to.
A
A
Otherwise,
today
it
will
just
respond
with
that
error,
saying
you
know,
there's
a
mish
mesh
right,
there's
a
a
mismatch,
so
mesh
recloud
is
a
system
that
has
three
components:
has
a
small
go,
laying
cert
there's
some
diagrams
of
this,
but
you
know
too,
but
there's
a
small
golang
server
super
tiny
golden
that
the
google
link
server
is
serving
up
this
web
page
and
it's
facilitating
connectivity
to
any
of
these
identity
providers.
So
mesherie
cloud
is
not
an
identity
provider,
it
is
not,
it
does
not
say.
A
Oh,
you
could
also
use
your
email
address
and
then
create
your
own
local
account.
That's
specific
to
mesri
cloud
like
it
doesn't
give
you
that
option,
because
it's
not
a
an
identity
provider.
It's
just
facilitating
the
transaction
for
authenticating
you
with
other
popular
identity
providers,
part
of
how
it
does
that
is.
It
runs
another
component
called
hydra
well
hydra
from
ori,
which
is
an
open
source
project.
A
Ory
hydra
hydra
is
an
open,
auth.
Two
point
and
oauth
2.0
compatible
open
id
compatible
hydra
is
an
2
open
id
connect
provider,
in
other
words
an
implementation
of
oauth
2,
and,
and
so
it
helps
so
so.
There's
another
component
that
we're
using
that
helps
facilitate
some
of
the
complexities
of
like
interac
of
doing
the
oauth
2
exchange
and
the
open
id
exchange.
So
so
that's
the
second
component
inside
of
measured
cloud,
and
so
as
I
when
I
click
here,
part
of
hydra
will
come
into
play
like
it's.
A
It's
beginning
to
facilitate
now
the
transaction
between
this
interaction
between,
in
this
case
twitter
and
and
so
now,
I'm
interacting
if
you
notice,
I'm
at
api.twitter.com.
So
now
I've
been
redirected,
my
user
is
interfacing
with
twitter.
Twitter
is
going
to
say
the
the
credentials
that
you're
providing
are
either
correct
and
you
are
who
you
say
you
are
or
not,
and
since
those
are
correct,
twitter
will
respond
back
to
measurey
cloud.
A
Saying
yep.
This
person
is
is
good
to
go
meshri
cloud
that
hydra
component.
It
will
generate
a
new
jwt
token
because
yeah,
because
what
it
was
looking
for
from
twitter
was
just
I
don't
know
who
these
credentials
are.
You
do.
Are
these
accurate?
Yes
or
no?
Yes,
they
are
okay,
I'll
generate
a
new
token.
A
This
person-
you
know
this
user
is
saying,
is
who
excuse
me
is
who
twitter
says
they
are
right
and
then
without
the
user,
knowing
really
like,
then
after
the
token
is
generated,
mesh
recloud
that
golang
server
redirects
you
back
to
your
original
local
measuring
ui.
So
I'm
all
of
a
sudden,
I'm
back
at
localhost
that
whole
transaction
is
diagrammed
and
kind
of
separate,
but
okay.
So
then,
now
there's
every
time
that
I
go
to
interact
with
any
of
the
apis
being
served.
A
I
have
a
valid
authentication
token
and
can
nav
through
the
system,
the
third
component
to
measuring
class.
So
so
the
third
component
is
measuring
cloud.
Is
a
small
postgres
database.
It's
a
really
small
postgres
database
that
just
tracks
keeps
track
of
stuff.
That
goes
on
so,
to
give
you
one
more
so
measuring
cloud
that
small
little
golang
server
it
just
has
like
it
has
like
six
web
pages,
or
so
it's
pretty
small
and
some
of
those
have
to
do
with
just
there's
a
back
end
admin
section.
A
A
But
some
statistics
about
the
rate
by
which
or
the
number
of
events
that
are
occurring
in
measuring
cloud
so
like
from
the
time
that
we've
been
running
it,
how
many
people
have
like
have
signed
up
how
many
people,
how
many
times
have
raised
test
results,
been
published?
How
many
times
have
people
logged
in
so
there's
kind
of
these
four
statistics,
logins
performance
test
results,
conformance
test
results
and
individual
signups
and
so
there's
different
ways
of
looking
at
it.
But
this
is
just
an
accumulative
graph
of
of
that
over
time.
A
So
an
interesting
stat
to
look
at
is
like
just
over
the
last
couple
of
years
how
many
people
have
signed
up
so
back
in
march
of
2019.
There
were
about
three
for
that
month
and
there
were
20
for
the
next
one,
you
kind
of
so
today,
just
for
mastery
cloud
itself,
there
have
been
about
almost
1200
people
who
sign
in
so
that's
good.
A
A
A
It's
not
login
as
much
as
it
is
anytime
that
you're
inside
of
measuring
cloud
and
you're
sort
of
refreshing
the
screen
or
going
to
a
different
screen
that,
if
you're
signed
in
to
mesh
recloud,
which
some
users
sign
in
and
some
don't-
and
I
don't
know
what
percentage
of
the
difference
that
is,
then
this
is
just.
It
keeps
track
of
all
the
events
like
how
many
times
that
that
happens,
and
so
yeah
anyway.
A
A
A
A
D
A
A
Like
this,
you
go
to
you
go
to
your
local
host
of
your
local
meshery
server
and
I
just
opened
a
private
browsing
window,
so
it
doesn't
have
a
cookie
like
it
doesn't
have
an
authentication
token.
It's
not
presenting
my
client.
My
web
client
is
not
presenting
one,
so
measuring
server
says:
wait,
you're,
not
authenticated!
A
I'm
going
to
block
you,
I'm
going
to
stop
you
out
here
on
slash
provider
and
so
to
answer
nikhil's
question:
it's
like
okay,
so
slash
provider.
This
small,
like
there's
mesh,
reui
and
nikhil,
is
very
aware
of
this.
I'm
just
but
like
as
you
tie
all
these
pieces
together,
there's
measuring
ui
as
a
a
web
app
and
then
a
separate
web
app
provider.
A
The
the
reason
the
primary,
like
maybe
we
can
consolidate,
but
the
primary
reason
for
this
separation
is
that
base.
Basically,
all
the
input,
basically
anything
that
measure
ui
wants
to
serve
up
needs
it's
going
to
require
that
there's
a
token
present
and
mesri
the
slash
provider.
Ui
intentionally,
is
very
super
small
and
it
doesn't
require
a
token.
It
just
facilitates
choosing
one
provider
over
the
next
and
so
to
answer
in
the
kills
question.
A
It's
like
okay,
in
the
moment
in
which
you
choose
one
provider
over
the
next,
the
provider
ui
will
pass
along
like
will
redirect
the
user
to
their
selected
provider,
and
it
will
also
add
on
additional
info
like
what's
the
like.
What's
the
ver
it'll
format
that
query
with
additional
info,
and
so
the
specifics,
the
the
the
even
more
specifics
to
answer
that
question
are
like
under
here
in
provider
ui
and
then
looking
at
the.
A
End
point
that
it
has
for
so
this
provider
component
js.
When
someone
makes
that
selection
like
we
would
kind
of
river,
we
would
sort
of
look
back
through
okay
well
when
they
make
that
selection.
What
internal
endpoint
is
being
called,
and
then
we
go
look
at
that
golang
and
look
at
like
what
additional
like
query
string
info
like
what
else
is
it
passing
along.
A
A
D
H
A
A
A
It
does
a
version
check
to
see
what
version
of
mesh
re
server
you're
running
and
and
it's
it's
like
a
year
and
a
half
old.
We
we
don't
need
to
worry
about
the
compatibility
anymore,
they've
been
compatible
for
a
long
time.
We
need
to
remove
this
check
so
that
as
a
next
step,
what
people
would
see
is
they
would.
They
would
basically
see
not
this.
They
would
see
this
whether
they
came
from
measure
ui
or
not,
and
we
need
to
start
to
okay,
fine
and
then,
as
a
next
step.
A
A
A
B
Yeah
I'll
bring
this
up
in
the
next
call.
There
was
one
small
thing
again
based
on
the
paid
speed
reports
that
some
images
don't
have
an
explicit
width
and
height,
so
I'll
create
issues
for
that.
So
this
is
basically
serve
two
purpose.
One
is:
it
maintains
the
aspect
ratio
even
in
smaller
screen
sizes
and
the
second
is
related
to
the
accumulated
cumulative
layout
shift.
So
basically
it
doesn't
hinder
the
pick
the
display
of
whatever
is
on
the
kids
too
much.
A
A
It's
always
been
my
experience
that
you'd
all
so
long
as
you
only
define
width
or
height
as
something
it's
not
if
you're
specifying
it
other
than
just
100
or
auto.
You
could
specify
them
both
as
100
or
both
of
them
as
auto
and
you're,
probably
fine
in
terms
of
aspect
ratio
being
maintained,
but
I've
found
that
if
you
specify
them
both
statically
and
do
re
you
and
do
resizing
of
the
browser
that
it's
then
that
you
can
find
yourself
like
if
you're
just
specifying
one,
it
will
make
sure
that
one
yeah
someone.
B
G
B
B
Basically,
the
problem
which
people
have
done
like
which
you
were
talking
about
is
in
the
css.
They
give
width
equal
to
100,
pixel
and
height
equal
to
200
pixels,
that
that
is
the
problem,
that
is
when
it
gets
restricted
to
200
pixels.
Even
in
the
mobile
view,
this
is
a
little
different.
This
is
not
the
specific
bits
that
you
get.
A
Yeah,
no,
no
seriously,
it's
always
confused
me,
but
like
that
behavior
that
I've
said
is
true,
but
it's
always
been
to
me.
It's
always
been
confusing
like
like,
if
you're
specifying
200
pixels,
100
pixels
like
you're,
specifying
you
want
this
like
you're,
specifying
not
only
the
the
size
but
you're,
also
like
locking
in
the
aspect
ratios.
So
then
why?
A
B
D
A
If
you
don't
specify
a
height
or
width,
what
would
you
anticipate
the
behavior
to
be
probably
a
hundred
percent
like
behind
the
scenes?
What
is
it
sort
of
interpreting
itself
as
anyway?
So
my
point
is
like,
if
you
don't
explicitly
specify
there
may
be
behavioral
differences
between
when
you
do
specify
a
unit
of
measure
and
when
you
don't,
even
though,
like
behind
the
scenes
it
defaults
to
px,
there
might
still
be
another
behavior.
That's
present
as
well.
B
Basically,
how
I
came
up
with
this
was:
I
was
looking
at
lazy
loading
of
images
and
videos
so
over
there
one
problem
that
happens
is
suppose
it
loads.
After
a
long
time,
if
you
don't
have
that
space
occupied
for
the
image
it
comes
in
all
of
a
sudden,
so
that
was
what
the
reports
were
saying.
So
that
is
why
I
looked
into
this
and
I
like,
based
on
what
I've
read
I
that
was
what
I
was
telling
right
now.