Nellie's working overtime

hint #1: 'link[referrerpolicy]' is not supported by Chrome < 51, Edge, iOS Safari.

<link rel="preconnect" href="https://csaba.page" referrerpolicy="origin">

hint #2: 'link[referrerpolicy]' is not supported by Chrome < 51, Edge, iOS Safari.

<link rel="preconnect" href="https://stackexchange.com" referrerpolicy="origin">

hint #3: 'img[decoding]' is not supported by Safari, iOS Safari.

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs_tips.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #4: 'img[decoding]' is not supported by Safari, iOS Safari.

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs_bikes.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #5: 'img[decoding]' is not supported by Safari, iOS Safari.

<img decoding="async" alt="Python Django logos" src="/images/featurettes/python-django.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #6: 'img[decoding]' is not supported by Safari, iOS Safari.

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs_kb.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #7: 'img[decoding]' is not supported by Safari, iOS Safari.

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs2015skus.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #8: 'img[decoding]' is not supported by Safari, iOS Safari.

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/HTML5-CSS3-JS.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

content-type: 10 hints

hint #1: 'content-type' header charset value should be 'utf-8'.

Content-Type: text/javascript

hint #2: 'content-type' header charset value should be 'utf-8'.

Content-Type: text/javascript

hint #3: 'content-type' header charset value should be 'utf-8'.

Content-Type: text/javascript

hint #4: 'content-type' header charset value should be 'utf-8'.

Content-Type: text/javascript

hint #5: 'content-type' header charset value should be 'utf-8'.

Content-Type: text/javascript

hint #6: 'content-type' header charset value should be 'utf-8'.

Content-Type: text/javascript

hint #7: 'content-type' header charset value should be 'utf-8'.

Content-Type: text/javascript

hint #8: 'content-type' header charset value should be 'utf-8'.

Content-Type: text/javascript

hint #9: 'content-type' header charset value should be 'utf-8'.

Content-Type: text/javascript

hint #10: 'content-type' header charset value should be 'utf-8'.

Content-Type: application/manifest+json

PWA

No issues

Performance

http-cache: 27 hints

hint #1: The target should not be cached, or have a small "max-age" value (180): max-age=600

https://fonts.gstatic … FOmCnqEu92Fr1Mu4mxK.woff2

Cache-Control: max-age=600

hint #2: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000

Cache-Control: public, max-age=31536000

hint #3: The following directive has an invalid value: stale-while-revalidate=604800

Cache-Control: private, max-age=604800, stale-while-revalidate=604800

hint #4: The following directive has an invalid value: stale-while-revalidate=604800

Cache-Control: private, max-age=604800, stale-while-revalidate=604800

hint #5: The following directive has an invalid value: stale-while-revalidate=1206600

Cache-Control: private, max-age=3000, stale-while-revalidate=1206600

hint #6: The following directive has an invalid value: stale-while-revalidate=604800

Cache-Control: private, max-age=604800, stale-while-revalidate=604800

hint #7: The following directive has an invalid value: stale-while-revalidate=604800

Cache-Control: private, max-age=604800, stale-while-revalidate=604800

hint #8: The following directive has an invalid value: stale-while-revalidate=604800

Cache-Control: private, max-age=604800, stale-while-revalidate=604800

hint #9: The following directive has an invalid value: stale-while-revalidate=604800

https://csaba.page/images … featurettes/vs_tips.webp

Cache-Control: private, max-age=604800, stale-while-revalidate=604800

hint #10: Static resources should have a long cache value (31536000): Directives used: max-age=14400

Cache-Control: max-age=14400

hint #11: Static resources should use the "immutable" directive: Directives used: max-age=14400

https://csaba.page/images … featurettes/vs_tips.webp

Cache-Control: max-age=14400

hint #12: Static resources should have a long cache value (31536000): Directives used: max-age=14400

https://csaba.page/images … featurettes/vs_bikes.webp

Cache-Control: max-age=14400

hint #13: Static resources should use the "immutable" directive: Directives used: max-age=14400

https://csaba.page/images … featurettes/vs_bikes.webp

Cache-Control: max-age=14400

hint #14: Static resources should have a long cache value (31536000): Directives used: max-age=14400

https://csaba.page/images … rettes/python-django.webp

Cache-Control: max-age=14400

hint #15: Static resources should use the "immutable" directive: Directives used: max-age=14400

https://csaba.page/images … rettes/python-django.webp

Cache-Control: max-age=14400

hint #16: Static resources should have a long cache value (31536000): Directives used: max-age=14400

https://csaba.page/images … aturettes/vs2015skus.webp

Cache-Control: max-age=14400

hint #17: Static resources should use the "immutable" directive: Directives used: max-age=14400

https://csaba.page/images … aturettes/vs2015skus.webp

Cache-Control: max-age=14400

hint #18: Static resources should have a long cache value (31536000): Directives used: max-age=14400

https://csaba.page/images … rettes/HTML5-CSS3-JS.webp

Cache-Control: max-age=14400

hint #19: Static resources should use the "immutable" directive: Directives used: max-age=14400

https://csaba.page/images … rettes/HTML5-CSS3-JS.webp

Cache-Control: max-age=14400

hint #20: Static resources should have a long cache value (31536000): Directives used: max-age=14400

Cache-Control: max-age=14400

hint #21: Static resources should use the "immutable" directive: Directives used: max-age=14400

Cache-Control: max-age=14400

hint #22: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000

Cache-Control: public, max-age=31536000

hint #23: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000

Cache-Control: public, max-age=31536000

hint #24: Static resources should have a long cache value (31536000): Directives used: max-age=14400

Cache-Control: max-age=14400

hint #25: Static resources should use the "immutable" directive: Directives used: max-age=14400

Cache-Control: max-age=14400

hint #26: Static resources should have a long cache value (31536000): Directives used: max-age=600

Cache-Control: max-age=600

hint #27: Static resources should use the "immutable" directive: Directives used: max-age=600

Cache-Control: max-age=600

http-compression: 16 hints

hint #1: Response should include 'vary' header containing 'accept-encoding' value.

Vary: origin
Cache-Control: max-age=600

hint #2: Response should be compressed with Zopfli when gzip compression is requested.

<script async="" custom-element="amp-lightbox" src="https://cdn.ampproject.org/v0/amp-lightbox-0.1.js">

hint #3: Response should be compressed with Zopfli when gzip compression is requested.

<script async="" custom-element="amp-install-serviceworker" src="https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.js" crossorigin="anonymous">

hint #4: Response should be compressed with Zopfli when gzip compression is requested.

<script async="" src="https://cdn.ampproject.org/v0.js" crossorigin="anonymous"></script>

hint #5: Response should be compressed with Zopfli when gzip compression is requested.

<script async="" custom-element="amp-consent" src="https://cdn.ampproject.org/v0/amp-consent-0.1.js" crossorigin="anonymous">

hint #6: Response should be compressed with Zopfli when gzip compression is requested.

<script async="" custom-element="amp-sidebar" src="https://cdn.ampproject.org/v0/amp-sidebar-0.1.js" crossorigin="anonymous">

hint #7: Response should be compressed with Zopfli when gzip compression is requested.

<script async="" custom-element="amp-analytics" src="https://cdn.ampproject.org/v0/amp-analytics-0.1.js" crossorigin="anonymous">

hint #8: Response should be compressed with Zopfli when gzip compression is requested.

<script async="" custom-element="amp-social-share" src="https://cdn.ampproject.org/v0/amp-social-share-0.1.js" crossorigin="anonymous">

hint #9: Response should be compressed with Zopfli when gzip compression is requested.

<script async="" custom-element="amp-auto-lightbox" data-script="amp-auto-lightbox" i-amphtml-inserted="" crossorigin="anonymous" src="https://cdn.ampproject.org/rtv/012005151844001/v0/amp-auto-lightbox-0.1.js">

hint #10: Response should be compressed with Zopfli when gzip compression is requested.

<script async="" custom-element="amp-lightbox-gallery" data-script="amp-lightbox-gallery" i-amphtml-inserted="" crossorigin="anonymous" src="https://cdn.ampproject.org/rtv/012005151844001/v0/amp-lightbox-gallery-0.1.js">

hint #11: Response should be compressed with Zopfli when gzip compression is requested.

hint #12: Response should include 'vary' header containing 'accept-encoding' value.

Vary: origin, accept-encoding
Cache-Control: max-age=14400

hint #13: Response should include 'vary' header containing 'accept-encoding' value.

Vary: origin, accept-encoding
Cache-Control: max-age=14400

hint #14: Response should be compressed with Zopfli when gzip compression is requested.

<link rel="manifest" href="/manifest.webmanifest" crossorigin="use-credentials">

hint #15: Response should include 'vary' header containing 'accept-encoding' value.

Vary: origin
Cache-Control: max-age=600

hint #16: Response should include 'vary' header containing 'accept-encoding' value.

Vary: origin
Cache-Control: max-age=600

no-html-only-headers: 10 hints

https://fonts.gstatic … FOmCnqEu92Fr1Mu4mxK.woff2

hint #1: Response should not include unneeded 'x-xss-protection' header.

<link rel="preload" as="font" href="https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2" type="font/woff2" crossorigin="anonymous">

hint #2: Response should not include unneeded 'x-xss-protection' header.

<script async="" custom-element="amp-lightbox" src="https://cdn.ampproject.org/v0/amp-lightbox-0.1.js">

hint #3: Response should not include unneeded 'x-xss-protection' header.

<script async="" custom-element="amp-install-serviceworker" src="https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.js" crossorigin="anonymous">

hint #4: Response should not include unneeded 'x-xss-protection' header.

<script async="" src="https://cdn.ampproject.org/v0.js" crossorigin="anonymous"></script>

hint #5: Response should not include unneeded 'x-xss-protection' header.

<script async="" custom-element="amp-consent" src="https://cdn.ampproject.org/v0/amp-consent-0.1.js" crossorigin="anonymous">

hint #6: Response should not include unneeded 'x-xss-protection' header.

<script async="" custom-element="amp-sidebar" src="https://cdn.ampproject.org/v0/amp-sidebar-0.1.js" crossorigin="anonymous">

hint #7: Response should not include unneeded 'x-xss-protection' header.

<script async="" custom-element="amp-analytics" src="https://cdn.ampproject.org/v0/amp-analytics-0.1.js" crossorigin="anonymous">

hint #8: Response should not include unneeded 'x-xss-protection' header.

<script async="" custom-element="amp-social-share" src="https://cdn.ampproject.org/v0/amp-social-share-0.1.js" crossorigin="anonymous">

hint #9: Response should not include unneeded 'x-xss-protection' header.

<script async="" custom-element="amp-auto-lightbox" data-script="amp-auto-lightbox" i-amphtml-inserted="" crossorigin="anonymous" src="https://cdn.ampproject.org/rtv/012005151844001/v0/amp-auto-lightbox-0.1.js">

hint #10: Response should not include unneeded 'x-xss-protection' header.

<script async="" custom-element="amp-lightbox-gallery" data-script="amp-lightbox-gallery" i-amphtml-inserted="" crossorigin="anonymous" src="https://cdn.ampproject.org/rtv/012005151844001/v0/amp-lightbox-gallery-0.1.js">

performance-budget: 1 hints

hint #1: To load all the resources on a 4G network, it will take about 6.8s in optimal conditions (that is 1.8s more than the 5s target).

image-optimization-cloudinary: 1 hints

https://csaba.page/images … aturettes/vs2015skus.webp

hint #1: 'https://csaba.page/imag … turettes/vs2015skus.webp' could be around 7.51kB (53%) smaller.

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs2015skus.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

Pitfalls

button-type: 3 hints

hint #1: Button type attribute has not been set

<button class="i-amphtml-screen-reader" tabindex="-1">Close the sidebar</button>

hint #2: Button type attribute has not been set

<button class="i-amphtml-screen-reader" tabindex="-1">Close the sidebar</button>

hint #3: Button type attribute has not been set

<button class="i-amphtml-screen-reader" tabindex="-1">Close the sidebar</button>

Security

sri: 9 hints

hint #1: Cross-origin resource <a href="https://cdn.ampproject.org/v0/amp-lightbox-0.1.js">https://cdn.ampproject.org/v0/amp-lightbox-0.1.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

<script async="" custom-element="amp-lightbox" src="https://cdn.ampproject.org/v0/amp-lightbox-0.1.js">

hint #2: Resource <a href="https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.js">https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.js</a> requested without the "integrity" attribute

<script async="" custom-element="amp-install-serviceworker" src="https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.js" crossorigin="anonymous">

hint #3: Resource <a href="https://cdn.ampproject.org/v0.js">https://cdn.ampproject.org/v0.js</a> requested without the "integrity" attribute

<script async="" src="https://cdn.ampproject.org/v0.js" crossorigin="anonymous"></script>

hint #4: Resource <a href="https://cdn.ampproject.org/v0/amp-consent-0.1.js">https://cdn.ampproject.org/v0/amp-consent-0.1.js</a> requested without the "integrity" attribute

<script async="" custom-element="amp-consent" src="https://cdn.ampproject.org/v0/amp-consent-0.1.js" crossorigin="anonymous">

hint #5: Resource <a href="https://cdn.ampproject.org/v0/amp-sidebar-0.1.js">https://cdn.ampproject.org/v0/amp-sidebar-0.1.js</a> requested without the "integrity" attribute

<script async="" custom-element="amp-sidebar" src="https://cdn.ampproject.org/v0/amp-sidebar-0.1.js" crossorigin="anonymous">

hint #6: Resource <a href="https://cdn.ampproject.org/v0/amp-analytics-0.1.js">https://cdn.ampproject.org/v0/amp-analytics-0.1.js</a> requested without the "integrity" attribute

<script async="" custom-element="amp-analytics" src="https://cdn.ampproject.org/v0/amp-analytics-0.1.js" crossorigin="anonymous">

hint #7: Resource <a href="https://cdn.ampproject.org/v0/amp-social-share-0.1.js">https://cdn.ampproject.org/v0/amp-social-share-0.1.js</a> requested without the "integrity" attribute

<script async="" custom-element="amp-social-share" src="https://cdn.ampproject.org/v0/amp-social-share-0.1.js" crossorigin="anonymous">

hint #8: Resource <a href="https://cdn.ampproject.org/rtv/012005151844001/v0/amp-auto-lightbox-0.1.js">https://cdn.ampproject.org/rtv/012005151844001/v0/amp-auto-lightbox-0.1.js</a> requested without the "integrity" attribute

<script async="" custom-element="amp-auto-lightbox" data-script="amp-auto-lightbox" i-amphtml-inserted="" crossorigin="anonymous" src="https://cdn.ampproject.org/rtv/012005151844001/v0/amp-auto-lightbox-0.1.js">

hint #9: Resource <a href="https://cdn.ampproject.org/rtv/012005151844001/v0/amp-lightbox-gallery-0.1.js">https://cdn.ampproject.org/rtv/012005151844001/v0/amp-lightbox-gallery-0.1.js</a> requested without the "integrity" attribute

<script async="" custom-element="amp-lightbox-gallery" data-script="amp-lightbox-gallery" i-amphtml-inserted="" crossorigin="anonymous" src="https://cdn.ampproject.org/rtv/012005151844001/v0/amp-lightbox-gallery-0.1.js">

strict-transport-security: 10 hints

hint #1: 'strict-transport-security' header was not specified

https://fonts.gstatic … FOmCnqEu92Fr1Mu4mxK.woff2

hint #2: 'strict-transport-security' header was not specified

<link rel="preload" as="font" href="https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2" type="font/woff2" crossorigin="anonymous">

hint #3: 'strict-transport-security' header was not specified

https://csaba.page/images … featurettes/vs_tips.webp

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs_tips.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #4: 'strict-transport-security' header was not specified

https://csaba.page/images … featurettes/vs_bikes.webp

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs_bikes.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #5: 'strict-transport-security' header was not specified

https://csaba.page/images … rettes/python-django.webp

<img decoding="async" alt="Python Django logos" src="/images/featurettes/python-django.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #6: 'strict-transport-security' header was not specified

https://csaba.page/images … aturettes/vs2015skus.webp

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs2015skus.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #7: 'strict-transport-security' header was not specified

https://csaba.page/images … rettes/HTML5-CSS3-JS.webp

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/HTML5-CSS3-JS.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #8: 'strict-transport-security' header was not specified

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs_kb.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #9: 'strict-transport-security' header was not specified

hint #10: 'strict-transport-security' header was not specified

<link rel="manifest" href="/manifest.webmanifest" crossorigin="use-credentials">

x-content-type-options: 9 hints

hint #1: Response should include 'x-content-type-options' header.

https://csaba.page/images … featurettes/vs_tips.webp

hint #2: Response should include 'x-content-type-options' header.

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs_tips.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #3: Response should include 'x-content-type-options' header.

https://csaba.page/images … featurettes/vs_bikes.webp

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs_bikes.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #4: Response should include 'x-content-type-options' header.

https://csaba.page/images … rettes/python-django.webp

<img decoding="async" alt="Python Django logos" src="/images/featurettes/python-django.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #5: Response should include 'x-content-type-options' header.

https://csaba.page/images … aturettes/vs2015skus.webp

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs2015skus.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #6: Response should include 'x-content-type-options' header.

https://csaba.page/images … rettes/HTML5-CSS3-JS.webp

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/HTML5-CSS3-JS.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #7: Response should include 'x-content-type-options' header.

<img decoding="async" alt="Visual Studio Theme Artwork" src="/images/featurettes/vs_kb.webp" class="i-amphtml-fill-content i-amphtml-replaced-content">

hint #8: Response should include 'x-content-type-options' header.

hint #9: Response should include 'x-content-type-options' header.