Third-Party Script Audit Checklist

  November 14, 2019

The average website makes 20 JavaScript requests that transfer 410kb of data with each page load. This is according to HTTPArchive. Scripts are behind everything from analytics to advertising, so they affect everything.

And now it’s easier than ever for non-technical users to insert these scripts – thanks to to Google Tag Manager and similar tools – without regard for the performance impact. It kills website speed.

Slow performance has a direct impact on the user experience and bottom line. Researchers have found that 47% of customers expect a website to load in 2 seconds or less. Each second of delay leads to a 7% reduction in conversions. Nearly 80% of customers who leave dissatisfied with a website's performance won't come back.

Check out our article on Why You Should Always Load Test Scripts and Plugins

Use this checklist when evaluating new scripts or plugins to ensure that they don’t degrade performance or cause other issues.

  • How many requests does the script make to external servers?
  • How big is the JavaScript file and how long does it take to execute
  • Can you use ASYNC or DEFER tags to avoid blocking DOM construction?
  • Can the requests be pre-fetched to reduce the DNS resolution time?
  • Does the script use legacy APIs, such as document.write()?
  • Does the script pull in frameworks that are already being loaded by other scripts or your underlying application (e.g. jQuery)?
  • Are there excessive DOM elements or expensive CSS selectors?
  • Does the plugin have a predictable API or update schedule to avoid future breaking changes?
  • Does the plugin introduce any privacy or legal concerns, such as GDPR requirements?
  • Does the plugin introduce any security concerns?

Ready to get started? Sign up for your free, 14-day LoadNinja trial today.