Optimizing the Cilent Side to Improve Perceived Performance

We do all sorts of cool stuff here at Denim Group and unfortunately we don’t get to talk about most of it – at least not publicly.  And even a lot of the cool stuff we do talk about internally is often tough to communicate.  Today I was thrilled because we took something live that was:

  1. Anonymizable enough that I can make a blog post about it without breaking any of our confidentiality agreements
  2. Visual enough that everyone should be able to appreciate it

We do a lot of work on testing performance and improving performance for our clients’ applications.  Typically people think of performance tuning as being a server-side activity: tweak your database indexes, profile your Java code and so on.  And we have seen our share of situations where this was exactly what you need to do to fix a sluggish web application.  However, a lot of folks forget about improving the client-side performance of applications.

I posted a while back about a tool from the Yahoo Developer Network Exceptional Performance group we use that is more focused on analyzing and making recommendations about how client side code and data are organized.  This is an often-overlooked area where great performance improvements can be found.

Using the YSlow tool as well as a number of other client side performance analysis techniques we just finished making some performance enhancements for one of our clients that relied almost exclusively on updating client-side artifacts like:

  • Rearranging JavaScript to the bottom of pages
  • Rearranging CSS to the top of pages
  • Minimizing CSS
  • Removing/streaming external JavaScript references
  • Giving the browser better hints about dynamic content

The best part of this is that when we tested the live site performance before and after we were able to put together a graph showing the results.  Here is the uncached perceived page load behavior.  The different Series data are for different areas of the site that were optimized.


Granted these are still pretty heavy Web 2.0 big-boy pages with a whole lot going on.  They weren’t built to look like or load like www.google.com.  But as you can see, some fairly straightforward client-side changes resulted in pretty impressive perceived performance gains.  Fun stuff!

Thanks to all the Denim Group folks who helped make this happen.

dan _at_ denimgroup.com

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Categories: Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *