Link prefetching allows web browsers to pre-load resources. This speeds up both the loading and rendering of web pages. Prefetching was first introduced in HTML5.
Prefetching in HTML5
There are two W3C standards covering prefetching for HTML5:
- Link preload
- Resource hints
- Hints to the browser. Common hints include DNS queries, opening TCP connections, and page pre-rendering.
HTML5 methods for prefetch hints:
- Standard link prefetch (supported by most browsers):
<link rel="prefetch" href="http://www.example.com/">
- DNS prefetch (Mozilla Firefox, Google Chrome, and others):
<link rel="dns-prefetch" href="http://example.com/">
- Page pre-rendering (Google Chrome, Internet Explorer and others):
<link rel="prerender" href="/page/to/prerender">
- Lazy-load of images (Internet Explorer):
<img src="image.jpg" lazyload>
Link for HTTP headers: Example below.
Link: <//pagead2.googlesyndication.com>; rel=dns-prefetch, </js/bootstrap.min.js>; as=script; rel=preload, </ads.html>; rel=prerender, </css/bootstrap.min.css>; as=style; rel=preload
|Standard link prefetching||DNS prefetching||Prerendering||Lazy-load (Images)|
- iCab, Mozilla Application Suite, and WebTV are the first referenced browsers to support link prefetching.
- Browsing using a Google Web Accelerator (discontinued product, may technically be called precaching)
- The Blue Coat proxy appliance is known to use non‑compliant prefetching.
- Mozilla Firefox supports DNS prefetching, as of version 3.5.
- Google Chrome supports prefetching of linked web content by "prerendering", as of version 11.
- Internet Explorer supports prefetching of IP addresses by "DNS prefetching", as of version 9.
- As of version 11, Internet Explorer supports the following set of features to expand its prefetching capabilities: "prerender", "dns-prefetch" and "lazyload" (images only).
Popular sites using prefetching
- Google is the most well-known website that takes advantage of this feature so as to improve the user experience. If the first hit is considered very probable to be the desired hit, it is assigned as a prefetchable link.
- Bing has employed the use of prefetching and preloading since the release of Internet Explorer 11 (October 2013).
Issues and criticisms
An issue inherent to indiscriminate link prefetching involves the misuse of "safe" HTTP methods. The HTTP GET and HEAD requests are said to be "safe", i.e., a user agent that issues one of these requests should expect that the request results in no change on the recipient server. However, it is common for website operators to use these requests outside of this constraint. Plain hyperlinks (which almost universally result in GET requests) are often used to implement logout functionality and account verification, e.g., when a user completes an account creation form, and an automated service sends a verification e-mail to the user's given e-mail address.
Similarly, it is entirely possible for a hosting service to provide a Web front end to manage files, including links that delete one or more files. Users who visit pages containing these types of links, (whilst using a browser which employs an indiscriminate link prefetcher), might find that they have been logged out or that their files have been deleted.
Additionally, there are a number of criticisms regarding the privacy and resource usage implications of link prefetching:
- Cookies set or sent to third parties compromise Web privacy.
- Enables essentially/borderline Zero-click attack malware installation via 0day merely because a malware-spreading link is prefetched.
- Users and website operators who pay for the amount of bandwidth they use find themselves paying for traffic for pages the user might not actually visit, and advertisers might pay for viewed ads on sites that are never visited.
- Web statistics such as browser usage, search engine referers, and page hits may become less reliable due to registering page hits that were never seen by the user.
- Users may be exposed to more security risks by downloading more pages, or from un-requested sites (additionally compounded as drive-by downloads become more advanced and diverse).
- Users may violate acceptable-use policies of their network or organisation if prefetching accesses unauthorised content.
In the case of mobile devices or for users with a limited bandwidth allowance, prefetching may result in an unnecessary costly drain on limited bandwidth.
It is possible for implementations to prefetch links even when they are not specified as prefetch links.
- "Preload". w3c.github.io. Retrieved 2016-03-19.
- "Resource Hints". w3c.github.io. Retrieved 2016-03-19.
- "Web Linking". RFC 5988. IETF. Retrieved 2016-03-19.
- "Resource Hints (Example 6)". Resource Hints: W3C Working Draft. W3C. Retrieved 2016-10-31.
- "Prebrowsing". Steve Souders. 2013-10-07.
- "Getting to the Content You Want, Faster in IE11". IEBlog, Microsoft. 2013-12-04. Archived from the original on 2014-05-12.
- "Bug 730101 - Implement prerendering in Firefox". Mozilla. 2014-10-18.
- Fisher, Darin; Saksena, Gagan. "Link Prefetching in Mozilla: A Server-Driven Approach" (PDF). Retrieved 2014-05-09.
- "Controlling DNS prefetching". Retrieved 2014-05-09.
- "Web Developer's Guide to Prerendering in Chrome". Retrieved 2014-05-09.
- "Internet Explorer 9 Network Performance Improvements". Retrieved 2014-05-09.
- "About Google Instant". Retrieved 2014-05-09.
- Fielding, Roy; Gettys, Jim; Mogul, Jeffrey; Frystyk, Henrik; Masinter, Larry; Leach, Paul; Berners-Lee, Tim (June 1999). "Safe Methods". Hypertext Transfer Protocol—HTTP/1.1. Network Working Group. IETF. p. 50. sec. 9.1.1. doi:10.17487/RFC2616. RFC 2616. Retrieved 2009-12-16.
- various (2009). "Mouseover Prefetch?". Gervase Markham, MozillaZine. Archived from the original on 2009-05-31. Retrieved 2009-12-16.