Issues related to the Nest, i.e. this website. The source code for the Nest is not yet public.

#94 Public CDN usage + Syntax Highlighting

Closed on January 2, 2024
toastal on May 17, 2023

Public CDNs Are Useless and Dangerous and they will not offer a performance benefit, with many downsides. Currently Nest connects its users to Cloudflare, an entity with privacy implications to users, for a highlight.js theme without a hash to verify whether the resource has been tampered with.

Possible solutions:

  1. At a minimum, include the subresource integrity check to ensure resources haven’t been tampered with.
  2. Vendor this stylesheet. Assets haven’t shared a cache across domains for years, so there’s no performance benefit. On the upside as well, the theme would be available for offline hacking, and Cloudflare has had outages in the past, which offers more resilience for Nest users.

However, stepping back, there is another tangential feature that could be discussed: should syntax highlighting even happen on the client side at all? The act of highlighting syntax should have the same result every time, so why should all downstream clients reading be executing JavaScript to parse source when it could have been done once by the server? Not only is this wasteful for devices/batteries, but it’s bad for loading times, and it means the highlighting feature requires JavaScript to be enabled. Perhaps there is a server-side solution that removes Highlight from this equation.

I understand there is a rewrite, but I hope these concerns could be considered.

pmeunier on May 17, 2023

Hi! Thanks for the feedback. The Nest is being rewritten from scratch, I’ll make sure we don’t have those anymore. The new version uses Svelte, which has more potential for server-side rendering.

pmeunier on May 17, 2023

Btw, we use Cloudflare anyway as a load balancer, and this is unlikely to change, as the new Nest will be serverless.

toastal on May 17, 2023

But the architecture is also set up to be self-hostable so certain entities could be avoided?

pmeunier on May 17, 2023

Cloudflare has released their runtime, but in any case, reproducing it shouldn’t be hard; the core of their service is the infrastructure, not a JavaScript runtime.

clseibold on September 5, 2023

The runtime has to work with their infrastructure, so I think the core of their service is both the runtime and the infrastructure.

pmeunier on January 2, 2024

This is fixed now, btw. Thanks for raising this issue.

pmeunier closed this discussion on January 2, 2024