Use HTML Tag Processor to audit blocking scripts & styles in Site Health’s enqueued-assets test #2059
Conversation
… inline script sizes in the asset audit
b1ink0
added
[Type] Bug
| $path = perflab_aea_get_path_from_resource_url( $href ); | ||
| if ( '' === $path ) { | ||
| continue; | ||
| } |
There was a problem hiding this comment.
Currently, our audit only scans assets located in the WordPress content directory. This raises an question,
how should the audit treat scripts and styles served from a CDN? Should these third-party resources be included in the render-blocking report, excluded entirely, or perhaps flagged separately so we can distinguish external blocking assets from local ones?
I think we’ll also need to consider how to measure their sizes efficiently. One approach could be, sending an HTTP HEAD request to the CDN-hosted URL to check for a Content‑Length header.
There was a problem hiding this comment.
From a performance perspective, CDN-served assets could be even worse for performance since they require a new TCP connection, now that browsers don't reuse cached resources across origins. So we definitely should be including them in the render-blocking report.
Sending an HTTP HEAD request for all resources regardless of whether they are on the same origin or not makes sense to me. If the request returns in a 404 then this would be important to report as well.
Once we have the report, then a future enhancement would be digging in to find the theme/plugin responsible for the resource being added in the first place. The AMP plugin implements a lot of this, and it was getting extracted a separate package via https://github.com/GoogleChromeLabs/wp-origination but that effort got stalled and was abandoned. See also #1095.
There was a problem hiding this comment.
Should we consider a case where a HEAD request does not return a content length due to server configuration? If so, should we then make a GET request?
There was a problem hiding this comment.
Perhaps, but that might be overkill.
There was a problem hiding this comment.
OK, sounds good. In that case, let's not do the HEAD request at all and only do GET. The assets should all be relatively small (a few hundred KB at maximum), so it shouldn't be a problem to just go ahead and download them to check the byte size of the body.
There was a problem hiding this comment.
Sending an HTTP HEAD request for all resources regardless of whether they are on the same origin or not makes sense to me. If the request returns in a 404 then this would be important to report as well.
Now that the GET request is sent, should only 404 errors be added to the report, or should any errors that occur during the request be added to the report?
There was a problem hiding this comment.
Once we have the report, then a future enhancement would be digging in to find the theme/plugin responsible for the resource being added in the first place. The AMP plugin implements a lot of this, and it was getting extracted a separate package via https://github.com/GoogleChromeLabs/wp-origination but that effort got stalled and was abandoned. See also #1095.
So does it make sense to add a table in the blocking scripts/styles site health test showing the origin of each blocking asset, or should this be part of Optimization Detective as you mentioned in #1095?
cc: @westonruter
There was a problem hiding this comment.
I think this is related to #2059 (comment).
I think instead of just saying whether the sum of of the bytes for blocking assets is above a given threshold, that it would be better to list out the assets in a table with a sum at the end. It wouldn't necessarily be able to identify the theme/plugin responsible for adding the script or stylesheet, but in cases where the script/style is bundled with the theme/plugin then this would be obvious.
| if ( ! is_string( $href ) || false !== strpos( $href, 'wp-includes' ) ) { | ||
| continue; | ||
| } |
There was a problem hiding this comment.
We currently skip any URL containing wp-includes (i.e. core assets). Since the goal is to surface all render-blocking resources, should we remove that exclusion and include core scripts and styles in the audit as well?
There was a problem hiding this comment.
I think this exclusion should be removed, yes.
| // Process blocking inline scripts. | ||
| if ( ! is_string( $src ) ) { | ||
| $script_size = mb_strlen( $processor->get_modifiable_text(), '8bit' ); | ||
| if ( false !== $script_size ) { | ||
| $assets['scripts'][] = array( | ||
| 'src' => 'inline', | ||
| 'size' => $script_size, |
There was a problem hiding this comment.
Currently each inline SCRIPT is reported as its own entry, do we want to continue treating every inline script separately, or would it make sense to aggregate inline scripts into a single summary?
There was a problem hiding this comment.
I don't think inline scripts need to be counted since the render blocking is not significant compared to blocking external scripts.
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## trunk #2059 +/- ##
==========================================
- Coverage 68.03% 66.33% -1.71%
==========================================
Files 92 93 +1
Lines 7631 7863 +232
==========================================
+ Hits 5192 5216 +24
- Misses 2439 2647 +208
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
plugins/performance-lab/includes/site-health/audit-enqueued-assets/helper.php
Outdated
Show resolved
Hide resolved
plugins/performance-lab/includes/site-health/audit-enqueued-assets/hooks.php
Outdated
Show resolved
Hide resolved
plugins/performance-lab/includes/site-health/audit-enqueued-assets/hooks.php
Outdated
Show resolved
Hide resolved
plugins/performance-lab/includes/site-health/audit-enqueued-assets/hooks.php
Outdated
Show resolved
Hide resolved
| if ( | ||
| ! is_admin() || | ||
| ! current_user_can( 'view_site_health_checks' ) || | ||
| ( false !== get_transient( 'aea_enqueued_front_page_scripts' ) && false !== get_transient( 'aea_enqueued_front_page_styles' ) ) |
There was a problem hiding this comment.
I think it would make sense to combine these two transients into one aea_blocking_assets, or something like that
Co-authored-by: Weston Ruter <[email protected]>
…page loads Co-authored-by: Weston Ruter <[email protected]>
…assets` transient Co-authored-by: Weston Ruter <[email protected]>
| if ( false !== strpos( $resource_url, '?' ) ) { | ||
| $resource_url = substr( $resource_url, 0, strpos( $resource_url, '?' ) ); | ||
| } |
There was a problem hiding this comment.
| if ( false !== strpos( $resource_url, '?' ) ) { | |
| $resource_url = substr( $resource_url, 0, strpos( $resource_url, '?' ) ); | |
| } | |
| $resource_url = preg_replace( '/\?.*/', '', $resource_url ); |
Nevertheless, the perflab_aea_get_path_from_resource_url() function isn't being used now anymore, right?
There was a problem hiding this comment.
Yes its not being used anymore I just put comment about it here #2059 (comment).
plugins/performance-lab/includes/site-health/audit-enqueued-assets/helper.php
Outdated
Show resolved
Hide resolved
Co-authored-by: Weston Ruter <[email protected]>
…s are now resolved via HEAD requests
b1ink0
requested review from
manuelRod,
mukeshpanchal27 and
felixarntz
as code owners
|
The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the If you're merging code through a pull request on GitHub, copy and paste the following into the bottom of the merge commit message. To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook. |
plugins/performance-lab/includes/site-health/audit-enqueued-assets/helper.php
Outdated
Show resolved
Hide resolved
plugins/performance-lab/includes/site-health/audit-enqueued-assets/helper.php
Outdated
Show resolved
Hide resolved
plugins/performance-lab/includes/site-health/audit-enqueued-assets/helper.php
Outdated
Show resolved
Hide resolved
| $body = wp_remote_retrieve_body( $response ); | ||
| if ( '' === $body ) { | ||
| return null; |
There was a problem hiding this comment.
Could it be that the body length is actually zero in this case?
There was a problem hiding this comment.
I’m not understanding what you’re trying to suggest. If you’re referring to cases when an asset has no content and the server returns an empty string, this will ignore such assets. Should these assets still be included in the asset count?
There was a problem hiding this comment.
Yes, but the issue is that a zero-size body would still be a blocking request.
So I think this condition should be removed.
plugins/performance-lab/includes/site-health/audit-enqueued-assets/helper.php
Outdated
Show resolved
Hide resolved
Co-authored-by: Weston Ruter <[email protected]>
Co-authored-by: Weston Ruter <[email protected]>
Co-authored-by: Weston Ruter <[email protected]>
| if ( 0 === strpos( $resource_url, content_url() ) ) { | ||
| return WP_CONTENT_DIR . substr( $resource_url, strlen( content_url() ) ); | ||
| if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) { | ||
| return null; |
There was a problem hiding this comment.
What if instead of returning null here, it instead returns the WP_Error instance if that's what $response is, or else to return a new WP_Error if the response code is not 200. This could be displayed in the UI then, instead of silently ignoring it. If there is a script on the page that is pointing to a 404, then this would be very important to capture since (1) it would still be a potentially blocking request, (2) a 404 would probably be served by WP which would be relatively very slow compared to serving a static asset.
There was a problem hiding this comment.
For this, does it make sense to show a table of failed requests with some info about them, or a general list saying there is an issue with the following assets?
There was a problem hiding this comment.
Yes, in fact I think it would be good to have a table listing out each blocking asset, including whether it is a script or stylesheet, the URL of the asset, and the size. When there is an error obtaining the asset, this can be indicated in the table for that row.
There was a problem hiding this comment.
Any suggestions on UI @westonruter ?
plugins/performance-lab/includes/site-health/audit-enqueued-assets/helper.php
Outdated
Show resolved
Hide resolved
| continue; | ||
| } | ||
| if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) { | ||
| return; |
There was a problem hiding this comment.
A failure here should result in some message in the Site Health test, no?
There was a problem hiding this comment.
I have added a new Site Health test in a77ab19, which will be triggered when the response is a WP_Error, the response code is not equal to 200, or the body is empty.
I think adding this new test and omitting the other tests is better, as it does not make sense to show two failed tests with the similar messages.
WP_Error:
Response code is not equal to 200:
Response code is 200 but body is empty:
There was a problem hiding this comment.
Why would this be a new test and not just a unique status for the existing test?
There was a problem hiding this comment.
There are two tests: one for styles and one for scripts. When the request to the home page fails, both of these tests will be omitted in the previous logic. There are two ways to display the error: one is to show the message on one of the existing tests, and the other is to show it in a different, new test. In my opinion, the second seems correct. I am open to any new suggestions for other approaches.
There was a problem hiding this comment.
Oh, I think the two test styles and scripts can be combined into one asset test, and the failure will be one of the cases in it.
There was a problem hiding this comment.
Ah, OK. Yes, what you have makes sense.
There was a problem hiding this comment.
Another option would be for there to be just one test for both scripts and styles. This test would be for the "blocking assets" rather than two separate tests for "blocking scripts" and "blocking styles". I don't feel strongly either way.
There was a problem hiding this comment.
Okay, combining them would work.
| } | ||
| $html = wp_remote_retrieve_body( $response ); | ||
| if ( '' === $html ) { | ||
| return; |
There was a problem hiding this comment.
Ditto. If the HTML response is empty, then this here would indicate a problem with the test that could be exposed.
plugins/performance-lab/includes/site-health/audit-enqueued-assets/hooks.php
Outdated
Show resolved
Hide resolved
plugins/performance-lab/includes/site-health/audit-enqueued-assets/hooks.php
Outdated
Show resolved
Hide resolved
Co-authored-by: Weston Ruter <[email protected]>
Co-authored-by: Weston Ruter <[email protected]>
…s site health test
Summary
Fixes #2030
Relevant technical choices
This PR overhauls the Site Health "Enqueued Scripts" and "Enqueued Styles" tests to accurately detect and report only truly render-blocking scripts and styles, whether loaded from external files or defined inline. It achieves this by performing an unauthenticated loopback request and analyzing the resulting front-end HTML with the
WP_HTML_Tag_Processor.