►
From YouTube: WebPerfWG call - 2023 06 08 - Managed Components
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Yeah
with
the
intention
of
making
online
third
party
tools
secure,
fast
and
private
I
want
to
start
with
this.
Just
the
feedback
regard
yesterday
from
a
user
on
the
display
channel,
it's
not
to
brag
really
it's
because
this
feedback
is
actually
not
was
around.
This
feedback
is
for
the
underlying
technology,
managed
components
which
is
open,
source
and
I'm,
going
to
try
to
convince
you
in
this
small
presentation
that
the
whole
internet
will
be
better
if
we'll
all
start
using
this,
so
this
alphabetical
tools
are
implemented
today.
A
If
you
have
a
website,
usually,
if
you
want
to
add
something
to
it,
for
example,
you
want
to
add
Google
analytics
or
you
want
to
add
some
embed
or
anything
you'll
get
some
Snippets
that
somebody
will
tell
you
just
throw
this
in
the
head
of
your
HTML
or
somewhere
in
the
body,
and
they
will
take
care
of
the
rest,
but
it
is
pretty
bad.
It's
bad
for
performance,
like
the
browser
now
needs
to
make
a
request
for
another
server
and
usually
then
like
evaluate
the
code
and
make
further
requests.
A
It's
also
about
the
security
right,
because
now
you
have,
you
need
to
track
also
another
server
to
provide
like
well
secure
code
and
the
moment
that
this
JavaScript
code
is
running
in
the
browser.
It
has
a
limited
access
to
everything
on
the
page.
It
can
stream
information,
you
can
hijab
the
user.
You
can
change
the
page
in
some
undesired
way
and
it's
also
usually
minified.
A
So
if
you
are
the
website
owner-
and
you
would
like
to
know
what's
going
to
happen,
if
you
include
the
script,
it's
not
a
very
easy
task
and
that's
bad
for
privacy,
because,
like
the
moment,
you've
done
this
now
example.com
has
the
IP
address
and
the
user
agent
of
your
visitors,
which
is
illegal
in
some
places
without
consent,
but
just
problematic
like.
Even
if
you
had
no
intention
to
share
this
information,
it
is
just
shared
yeah,
there's
just
no
other
way
to
do
it.
A
So
we're
going
a
bit
in
the
history
of
the
rallies
of
our
product.
We
started
this
before
John
cloth
three
years
ago
was
on.
This
call
with
me
was
my
co-founder
and
we
started
by
reverse
engineering
types
of
tools.
A
So
we
literally
looked
at
that
minified
code
and
we
created
a
service
like
implementation
of
this
code,
for
example,
we
would
play
Google
analytics.
We
would
see
what
information
it
collects
on
the
browser
for,
like
the
page
title,
the
page
URL,
the
user
agent
and
so
on,
and
we
would
create
a
server-side
version
of
it
that
would
send
all
the
information
to
Google
analytics
without
loading
any
script
inside
the
browser.
A
It
was
great,
it
was
faster.
The
code
now
was
audited
or,
like
you
can
finally
audit
it.
It
was
secured.
It
was
private
and
since
we're
talking
about
performance
here
on
average,
it
improved
website's
performance
like
of
scores
by
40
4-0,
so
customers
were
very
happy,
but
our
system
wasn't
just
better
by
design.
It's
still
allowed
the
tools
like
in
2016
code
that
will
run
in
the
browser
with
unlimited
privileges.
It
was
just
that
we
wrote
this
code,
so
we
drafted
it
and
our
customers
trusted
it.
A
Then
we
joined
transfer
and
we
just
couldn't
handle
like
there
was
now
a
lot
more
traffic
with
us
now
on
thousands
of
websites,
and
we
couldn't
just
keep
reverse
engineering
millions
of
tools
and
maintaining
everything
and
so
on.
We
wanted
to
have
the
vendors
of
these
tools
write
their
own
Integrations
and
we
had
to
come
up
with
a
new
format
that
would
be
saved
by
Design.
A
And
then
we
thought
why
not
just
let
everyone
use
it
like
we're,
creating
an
environment
that
third
body
tools
are
restricted
from
doing
bad
things
and
empowered
to
do
things
that
are
not
possible
for
third
party
tools
today,
and
since
this
is
something
that
the
whole
web
needs
like.
When
we
were
going
to
vendors
and
asking
them,
can
you
write
an
integration?
We
realized
it
will
be
a
much
easier
choice
for
them
if
those
Integrations
can
be
used
not
only
with
the
russ.
A
Components
and
with
this
slide
I'm
going
to
do
the
one
forbidden
thing
and
just
read
from
the
slide.
So
this
is
an
open
source
format
for
defining
status
by
the
tool
behaviors
on
a
website.
A
mesh
components
can
execute
code,
server
and
client
side.
Can
embed
widgets
inside
Pages
can
establish
network
connections
and
can
provide
custom
apis,
manage
components,
require
a
runtime
environment
to
work
and
we'll
touch
on
this
soon.
A
But
let's
talk
and
read
about
the
benefits
of
writing
major
components
when
a
vendor
does
that
they're
getting
a
lot
of
things
for
free?
First,
there's
now
a
unified
events
system
inside
the
page.
So
there's
no
need
to
do
like
something
like
fbq
track
for
Facebook
and
then
GA
send
for
Google
analytics
and
Tick
Tock
track.
A
Server
logic
means
that
the
manage
component
can
do
well
like
anything
that
the
web
server
can
do
right.
So
it
can
either
generate
Dynamic
responses
or
proxy
a
different
server,
server,
static
assets
and
so
on.
Embeds
is
about
just
like
you
know
on
bets
today,
but
completely
server
side
rendered.
So
the
browser
does
not
need.
A
If
you
include,
for
example,
a
Twitter
tweet
embed,
the
browser
doesn't
need
to
contact
quicker
servers
at
all
and
the
whole
tweet
embed
will
appear
as
if
it
was
the
first
party
content
inside
the
page,
client-side
events.
These
are
like
things
like
mouth
move,
visibility,
change,
there's
no
need
to
now
support
a
lot
of
different
browsers
and
like
cross
plot.
A
The
whole
thing
is
provided
with
one
listener
that
is
working
across
different
devices,
different
browsers
and
so
on,
and
one
exciting
thing
is
the
pre-paid
rendering
actions
which
means
that,
well
previously,
a
third
party
tool
can
only
start
acting
once
it
is
loaded
in
the
page
right.
So,
like
the
browser
will
start
running
the
page,
then
load
JavaScript
code,
it
only
then
you
can
start
doing
something
and
a
pre-paid
running
reactions
mean
that
the
tool
can
already
learn
about
their
request.
A
Let's
see
a
simple
example,
so
this
range
component
here
all
it
does
is
it
listens
to
a
page
view
event
and
whenever
there's
a
page
view
it
sends
a
post
request
to
this
endpoint
example.com
collect
and
it
serves.
The
payload
includes
the
current
URL
and
the
IP
address.
Obviously
this
is
a
very
simple
example
of
an
Analytics
tool,
but
the
nice
thing
about
this
analytics
tools
is
that
well,
no
client-side,
the
JavaScript
code
is
presented
in
the
in
the
browser
role.
Nothing
needs
to
be
evaluated,
downloaded
or
sent
from
the
browser.
A
This
is
slightly
more
complex
example
that
shows
the
75
functionality
of
managed
components.
You
can
see
how
we
can
proxy
an
endpoint
on
the
same
domain,
yeah
proxy,
a
remote
server.
We
can
serve
some
static
assets
and
we
can
just
raise
the
route
on
the
same
server
and
yeah
just
Define.
Whatever
functionality
we
want
for
it,
foreign.
A
It
also
provides
all
this
server
side
capabilities
like
the
proxy
and
the
routing
and
so
on,
and
it
provides
a
lot
of
caching
and
Storage
Solutions,
both
that
are
client
specific,
so
it
abstracts
cookies
and
local
storage
and
so
on,
and
also
yeah,
there's
also
a
caching
system
and
a
key
value
storage
system
that
is
website
wide,
that
the
tool
can
use,
and
it
enforces
this
the
configuration
that
the
website
desired
so
like
what
manageable
to
load
when
what
events
it
should
receive
and
what
permissions
to
granted
so
cloudflare
zaraz
is
actually
a
component
manager.
A
This
is
our
propriety
component
manager
and
it
runs
just
like
everything
else
pretty
much
on
cloudflare,
it's
a
it's
a
proxy
for
your
website
that
runs
on
the
edge,
but
the
API
that
we're
designing
for
managed
components
is
it's
not.
It
doesn't
have
to
run
on
the
edge
or
doesn't
it
run
as
a
proxy
server?
It
is
actually
meant
to
be
completely
agnostic
of
it,
so
it
can
be
written
as
an
Express
middleware,
for
example,
and
even
as
a
client-side
service
worker.
A
Obviously
it
will
not
give
you
all
the
benefits
if
you
run
it
inside
the
browser,
but
some
of
them
for
sure
yeah.
So
everything
until
now
is
pretty
much
what
I
was
already
describing.
We
had
a
call,
I
can
remember
sometime
later
yeah
I
think
October
2022,
but
now
I'm
going
to
talk
about
what
we
have
already
now.
A
A
Then
we
took
everything
that
was
in
the
Zara's
Library,
so
we
have
like
more
than
30
tools
and
we
converted
everything
to
a
managed
component
and
we
open
sourced
all
of
that
that
lives
in
this
GitHub
organization
managed
components
at
least
written
down.
A
We
already
already
have
a
vendor
created
components
so
crazy
egg.
The
session
recording
Tool
wrote
a
managed
component
that
records
yeah
the
record
sessions
and
everything
that
is
just
in
a
way.
That
is
a
much
more
performant,
secure
and
private
and
we
have
Community
Credit
components.
So
some
people,
even
on
this
call
Road
components
the
support
tools
that
they
needed
to
use
like
Tick,
Tock,
snow,
plow
and
a
bunch
of
others.
A
That's
all
about
the
open
source
part.
Now
what
classes
are
us
we're
now
used
by
more
than
20
000
websites?
10
000
of
them
are
using
as
a
Ras
to
load
Google
analytics
for
5000,
using
it
to
work
for
Google
release
three
and
2016
below
the
Facebook
pixel.
A
It's
I
find
quite
amazing
that
we
have
like
yeah,
10
000
websites,
loading
Google
analytics
for
without
any
client-side
code
whatsoever
and
coming
up
very
soon
is
the
ability
to
load
your
own
custom
management
components.
This
is
something
you
can
do
in
webcam
already,
but
in
zoraz
you
will
be
able
to
do
it
very
very
soon
and
also
embeds
and
as
a
teaser
I'll
show
you
this
example.
A
So
this
Twitter
embed
it
appears
in
the
page
just
like
the
normal
Twitter
embed,
does
just
much
faster
because
it
comes
with
the
HTML
of
the
page
as
the
as
the
HTML
responses
being
sent
to
the
browser
other
than
that
it
behaves.
We've
done
our
best
to
make
it
behave
exactly
the
same,
but
it
also
doesn't
expose
the
IP
address
the
user
agent
and
so
on,
because
the
browser
doesn't
talk
with
Twitter
at
all,
where
it
presents
this.
A
And
lastly,
this
is
about
where
we
want
to
go
from
here.
We
want
to
start
this
community
group
that
will
work
about
work
on
the
managed
components.
The
idea
is
to
have
a
group
that
represents
vendors,
browsers
yeah
infrastructures
and
users
and
to
work
on
the
standard
for
manager,
components
in
a
way
that
would
align
everybody's
goals
and
perhaps
come
with
draft
proposals
for
the
browser
and
the
runtimes
yeah,
with
the
big
goal
of
having
a
standard
way.
A
Finally,
on
the
internet
to
deploy
Advanced
and
save
the
body
tools,
that
is
all
so
happy
to
take
any
questions.