Merge pull request #90 from tbela99/v.next

V2.8.0 - Add \.ico as a supported PWA icon format #78 - Add purpose property to the PWA manifest options #78 - Add screenshots property to the PWA manifest options #78- remove duplicated path the file name #88 - change default pwa display to _standalone_ #78 - \[performance\] precompress cache files. If the client advertises compression support, then send the compressed file. Brotli support requires the brotli extension #89 - optionally preserve IE conditional comments #88 - remove the length restriction of the manifest short_name #78 - fix security and performance issues induced by links with _target=\_blank_ attribute #91 - asynchronously initialize the service worker using \<script defer\> #78 - Link preloading : preload only once #99 - \[bug\] fix invalid configuration path #94 - \[bug\] the minification produced invalid HTML when the HTML provided had missing space between attributes #88 - \[bug\] the protocol is removed in the HTML content instead of href|src attributes only - \[bug\] fix an uncaught javascript error in the service worker js #78 - \[bug\] fix 404 error when Hotlink protection is ON and cache files is OFF #78i - \[bug\] fix ignored javascript are removed from the page #96
tbela99 · May 16, 2020 · fc698c3 · fc698c3
2 parents 091c8dc + d6d13bb
commit fc698c3
Show file tree

Hide file tree

Showing 78 changed files with 3,104 additions and 4,728 deletions.
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1,13 @@
+test/ export-ignore
+docs/ export-ignore
+config/ export-ignore
+composer.lock export-ignore
+composer.phar export-ignore
+.gitignore export-ignore
+build.sh export-ignore
+imagesloader.es6 export-ignore
+jsdoc.json export-ignore
+rollup.config.js export-ignore
+terser.config.js export-ignore
+.eslintrc.js export-ignore
+.editorconfig export-ignore
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,8 @@
 .idea/
 jasmine/
-node_modules/
+node_modules/
+package-lock.json
+test/
+excluded.lst
+/composer.phar
+/composer.lock
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,24 @@
 # Change History
 
+## 2.8.0
+
+- Add \.ico as a supported PWA icon format #78
+- Add purpose property to the PWA manifest options #78
+- Add screenshots property to the PWA manifest options #78- remove duplicated path the file name #88
+- change default pwa display to _standalone_ #78
+- \[performance\] precompress cache files. If the client advertises compression support, then send the compressed file. Brotli support requires the brotli extension #89
+- optionally preserve IE conditional comments #88
+- remove the length restriction of the manifest short_name #78
+- fix security and performance issues induced by links with _target=\_blank_ attribute #91
+- asynchronously initialize the service worker using \<script defer\> #78
+- Link preloading : preload only once #99
+- \[bug\] fix invalid configuration path #94
+- \[bug\] the minification produced invalid HTML when the HTML provided had missing space between attributes #88
+- \[bug\] the protocol is removed in the HTML content instead of href|src attributes only
+- \[bug\] fix an uncaught javascript error in the service worker js #78
+- \[bug\] fix 404 error when Hotlink protection is ON and cache files is OFF #78i
+- \[bug\] fix ignored javascript are removed from the page #96
+
 ## 2.7.3
 
 - change Upgrade-Insecure-Requests to be used as a CSP setting instead of an HTTP header
@@ -31,14 +50,14 @@
 - Implement instant page loading
 - Replace ugify-es with terser. Use configuration files to build scripts instead of shell commands
 - missing translation added
-- Access-Control-Allow-Origin is always set to '*'
+- Access-Control-Allow-Origin is always set to '\*'
 - Create links to resources that expire after a given time
 - \[Bug\] Missed cache lead to performance issue when parse critical css returns an empty string
-  
+
 ## 2.6.1
- 
+
 - Add documentation
-  
+
 ## 2.6.0
 
 - partly cache security

diff --git a/README.md b/README.md
@@ -13,6 +13,7 @@ Here are some features provided by this plugin
 ## HTML
 
 - HTML minification
+- preserve IE conditional comments
 
 ## Javascript
 
@@ -42,9 +43,11 @@ Here are some features provided by this plugin
 
 ## Performance
 
+- configurable HTTP caching headers
 - optimizations are enforced when the client sends [Save-Data HTTP header](https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/save-data/)
 - dns prefetch
 - profile plugin performance using HTTP server timing headers
+- precompressed cached files using brotli or gzip.
 
 ## Service Worker
 
@@ -53,6 +56,7 @@ Here are some features provided by this plugin
 - background sync
 - web share target level 2
 - web push notifications using One Signal
+- immediately update the service worker when the manifest settings change
 
 ## Content Security Policy (CSP)
 

diff --git a/ROADMAP.md b/ROADMAP.md
@@ -3,9 +3,9 @@
 ## High priority list
 
 1. implement backgroundFetch API
-2. font-display css property is set only when parse critical css is enabled. it should be set independantly
-3. merge javascript and css files using groups in order to leverage cache. for example we can merge common libraries in one bundle and other files which depend on the current page in another bundle
-4. lower the priority of the service worker initialization script
+2. make the custom pwa prompt optional and configurable. the user may choose to use the browser defaults.
+3. font-display css property is set only when parse critical css is enabled. it should be set independantly
+4. merge javascript and css files using groups in order to leverage cache. for example we can merge common libraries in one bundle and other files which depend on the current page in another bundle
 5. implement new manifest file [properties](https://developer.mozilla.org/en-US/docs/Web/Manifest)
 6. customize image quality settings (jpeg image quality, jpeg optimization method)
 7. improved LQIP for [jpeg files](https://www.smashingmagazine.com/2019/08/faster-image-loading-embedded-previews/)

diff --git a/autoload.php b/autoload.php
@@ -14,6 +14,8 @@
 
 defined('_JEXEC') or die;
 
+require __DIR__.'/vendor/autoload.php';
+
 spl_autoload_register(function ($name) {
 
 	if (strpos($name, '\\') === 0) {

diff --git a/build.sh b/build.sh
@@ -3,24 +3,26 @@
 # npm install --save-dev terser
 ## before you run uglify on WSL, you need to install it there
 DIR=$(cd -P -- "$(dirname -- "$0")" && pwd -P)
+DATE=$(date '+%F %H:%M:%S%:z')
+VER=$(git rev-parse --short HEAD)
 cd $DIR
 #
 #
 node rollup.config.js
 #
-cat worker/dist/serviceworker.js | sed "s/build-date/$(date '+%F %H:%M:%S%:z')/g" | sed "s/build-id/$(git rev-parse --short HEAD)/g" > worker/dist/serviceworker.js
+cat worker/dist/serviceworker.js | sed "s/build-date/$DATE/g" | sed "s/build-id/$VER/g" > worker/dist/serviceworker.js
 #
 ./node_modules/terser/bin/terser --warn --comments all --beautify beautify=true,preamble='"/* do not edit! */"' --ecma=8\
- -- worker/src/browser.js | sed "s/build-date/$(date '+%F %H:%M:%S%:z')/g" | sed "s/build-id/$(git rev-parse --short HEAD)/g" > worker/dist/browser.js
+ -- worker/src/browser.js | sed "s/build-date/$DATE/g" | sed "s/build-id/$VER/g" > worker/dist/browser.js
 #
 ./node_modules/terser/bin/terser --warn --comments all --beautify beautify=true,preamble='"/* do not edit! */"' --ecma=8\
- -- worker/src/browser.administrator.js | sed "s/build-date/$(date '+%F %H:%M:%S%:z')/g" | sed "s/build-id/$(git rev-parse --short HEAD)/g" > worker/dist/browser.administrator.js
+ -- worker/src/browser.administrator.js | sed "s/build-date/$DATE/g" | sed "s/build-id/$VER/g" > worker/dist/browser.administrator.js
 #
 ./node_modules/terser/bin/terser --warn --comments all --beautify beautify=true,preamble='"/* do not edit! */"' --ecma=8\
- -- worker/src/browser.sync.js | sed "s/build-date/$(date '+%F %H:%M:%S%:z')/g" | sed "s/build-id/$(git rev-parse --short HEAD)/g" > worker/dist/browser.sync.js
+ -- worker/src/browser.sync.js | sed "s/build-date/$DATE/g" | sed "s/build-id/$VER/g" > worker/dist/browser.sync.js
 #
 ./node_modules/terser/bin/terser --warn --comments all --beautify beautify=true,preamble='"/* do not edit! */"' --ecma=8\
- -- worker/src/browser.uninstall.js | sed "s/build-date/$(date '+%F %H:%M:%S%:z')/g" | sed "s/build-id/$(git rev-parse --short HEAD)/g" > worker/dist/browser.uninstall.js
+ -- worker/src/browser.uninstall.js | sed "s/build-date/$DATE/g" | sed "s/build-id/$VER/g" > worker/dist/browser.uninstall.js
 #
 node terser.config.js
 #

diff --git a/composer.json b/composer.json
@@ -0,0 +1,5 @@
+{
+    "require": {
+        "lordelph/icofileloader": "^2.0"
+    }
+}
diff --git a/docs/README.md b/docs/README.md
@@ -13,6 +13,8 @@ Here are some features provided by this plugin
 ## HTML
 
 - HTML minification
+- preserve IE conditional comments
+- precompress assets using brotli or gzip
 
 ## Javascript
 
@@ -42,9 +44,11 @@ Here are some features provided by this plugin
 
 ## Performance
 
+- configurable HTTP caching headers
 - optimizations are enforced when the client sends [Save-Data HTTP header](https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/save-data/)
 - dns prefetch
 - profile plugin performance using HTTP server timing headers
+- precompressed cached files using brotli or gzip.
 
 ## Service Worker
 
@@ -53,6 +57,7 @@ Here are some features provided by this plugin
 - background sync
 - web share target level 2
 - web push notifications using One Signal
+- immediately update the service worker when the manifest settings change
 
 ## Content Security Policy (CSP)
 
@@ -66,7 +71,6 @@ Configure almost every csp level 3 settings to your liking:
 ## Security
 
 - Sub Resource Integrity
-- Content Security Policy Level 3: control execution of scripts, css, frames, workers in every web page
 - HSTS header configuration
 - XSS-PROTECTION header configuration
 - X-Frames-Options configuration
@@ -77,4 +81,4 @@ Configure almost every csp level 3 settings to your liking:
 - configure link lifetime
 
 The complete list of features is available in the [online documentation](https://tbela99.github.io/gzip/)
-and the [change log](https://github.com/tbela99/gzip/blob/master/CHANGELOG.md)
+and the [change log](./CHANGELOG.md)
diff --git a/docs/http.md b/docs/http.md
@@ -34,6 +34,20 @@ Enable or disable DNS prefetch
 
 Choose which resource type will be pushed to the browser using HTTP push. Your web server need to use HTTP/2 for this feature to work properly.
 
+## HTTP Compression Settings
+
+### Precompress Files
+
+If Yes store a compressed copy of the file in the cache. This will improve performance because files are compressed once and reused. Supported compressed algorithms are GZIP and Brotli. Brotli support requires the PHP Brotli extension. Brotli is only available with HTTPS by design
+
+### Minimum File Size
+
+Will not attempt to compress and store copy of files smaller than the given size. Set to _0_ to ignore this setting
+
+### Maximum File Size
+
+Will not attempt to compress and store copy of files larger than the given size. Set to _0_ to ignore this setting
+
 ## HTTP Cache Settings
 
 ### Cache File

diff --git a/docs/images.md b/docs/images.md
@@ -4,6 +4,10 @@ Configure images settings: automatic conversion, resizing, lazyloading and respo
 
 ![Images settings](./img/images-settings.PNG)
 
+## Requirement
+
+Image processing requires the gd library
+
 ## General Settings
 
 ### Process Images
@@ -29,16 +33,31 @@ Images that match any pattern you specify here will be ignored. Example: ignore
 
 ### Convert Images to Webp
 
-Convert images to Webp. Webp produce smaller images than jpg or png.
+Convert images to Webp when this format is supported by the browser. Webp produce smaller images than jpg or png. The browser must advertise webp support through the Accept http header.
+Firefox will send this header
+
+```http
+Accept: image/webp,*/*
+```
 
 ### Crop Method
 
-Algorithm used when resizing images. Values are
+Algorithm used when resizing images. Values are:
+
+#### Default
+.
+
+#### Center
+
+ Crop the image from its center
+
+#### Entropy
+
+.
+
+#### Face Detection
 
-- Default
-- Center
-- Entropy
-- Face Detection
+try to crop the region captured by the face detection algorithm
 
 ### Image Placeholder
 

diff --git a/docs/img/web-share-target.jpg b/docs/img/web-share-target.jpg
diff --git a/docs/logo.svg b/docs/logo.svg
diff --git a/docs/security.md b/docs/security.md
@@ -6,14 +6,13 @@ Configure security features
 
 Configure security settings such as XSS protection or HSTS
 
-## Subresource Integrity Checksum (SRI)
+## New Window
 
-Prevent script and css tampering by adding a signature to the HTML tag. Values are
+Attempt to fix security issues associated with _target=\_blank_
 
-- None: do not set the SRI
-- SHA256: compute SRI using SHA256
-- SHA384: compute SRI using SHA384
-- SHA512: compute SRI using SHA512
+### Fix Links with target=\_blank
+
+Automatically fix security and performance issues induced by target=\_blank by adding _rel="opener"_ or _rel="noreferrer"_ or both values
 
 ## HSTS (HTTP Strict-Transport-Security)
 
@@ -65,6 +64,15 @@ Configure XSS-Protection header. Values are
 - Block: enable XSS-Protection filtering. The browser will block page rendering if anattack is detected
 - Block and Report: enable XSS-Protection filtering. The browser will sanitize the page and report the violation to the URI configured with _XSS Report URL_ setting
 
+## Subresource Integrity Checksum (SRI)
+
+Prevent script and css tampering by adding a signature to the HTML tag. Values are
+
+- None: do not set the SRI
+- SHA256: compute SRI using SHA256
+- SHA384: compute SRI using SHA384
+- SHA512: compute SRI using SHA512
+
 ## Misc
 
 ### Meta Generator

diff --git a/docs/service-worker.md b/docs/service-worker.md
@@ -26,7 +26,7 @@ Enable or disable debug mode in the service worker.
 
 ### Cache URLs
 
-Provide a list of urls available offline.
+The list of urls available offline. These urls will be cached when the service worker is installed, making them available offline
 
 ```text
 /
@@ -44,15 +44,15 @@ Provide a list of urls that will never be cached by the service worker
 
 ## Offline Page Settings
 
-The offline page is shown whenever the browser cannot load the page. Offline page appearance can be customized with tge settings below.
- 
+The offline page is shown whenever the browser cannot load the page. Offline page appearance can be customized with the settings below.
+
 ### Enable Offline Page
 
 Enable or disable offline page support.
 
 ### Offline Method
 
-Configure which requests methods are intercepted by the service worker. You can configure the service worker to intercept GET, POST or any method that return the offline page whenever the request fails.
+Configure which requests methods are intercepted by the service worker. You can configure the service worker to intercept GET, POST or ANY method. it will return the offline page whenever a request fails.
 
 ### Preferred Offline Page
 
@@ -107,7 +107,16 @@ Configure the app display mode
 
 ### Apps Icons Directory
 
-Select the directory that contains your app icons. The directory must be located under the /images folder of your Joomla website
+Select the directory that contains your app icons. The directory must be located under the /images folder of your Joomla website.
+Supported formats are ICO JPG PNG and WEBP
+
+### Apps Icons Purpose
+
+The app icon purpose. see [MDN](https://developer.mozilla.org/en-US/docs/Web/Manifest/icons#Values)
+
+### Apps Screenshots
+
+The app screenshots folder. see [MDN](https://developer.mozilla.org/en-US/docs/Web/Manifest/screenshots)
 
 ### Prefer Native Apps
 

diff --git a/docs/settings.md b/docs/settings.md
@@ -6,12 +6,22 @@ Configure general settings
 
 ## Debug
 
-If yes, load plugin's unminified css and javascript files, otherwise load minified versions.
+If yes, load plugin's unminified plugin css and javascript files, otherwise load minified versions.
 
-## Minify HTML
+## HTML Settings
+
+### Minify HTML
 
 Enable or disable HTML minification.
 
+### IE Conditional Comments
+
+Do not remove IE Conditional Comments
+
+### Force Space Between Attributes
+
+Fix invalid HTML by forcing space between HTML attributes before minifying
+
 ## Hotlink Protection
 
 Configure hotlink protection features.
@@ -79,4 +89,4 @@ Configure links pattern to be either blacklist or whitelist
 
 ### Links Pattern
 
-Use links that match the provided patterns
+Use links that match the provided patterns