defjosiah (u/defjosiah)

defjosiah commented on The “S” in MCP Stands for Security elenacross7.medium.com/%E... · Posted by u/skilldeliver

kevincox · a year ago

But the grandparent is saying that there is a missing class of input "data". This should not be treated as instructions and is just for reference. For example if the user asks the AI to summarize a book it shouldn't take anything in the book as an instruction, it is just input data to be processed.

defjosiah · a year ago

FYI, there is actually this implementation detail in the model spec, https://model-spec.openai.com/2025-02-12.html#chain_of_comma...

Platform: Model Spec "platform" sections and system messages

Developer: Model Spec "developer" sections and developer messages

User: Model Spec "user" sections and user messages

Guideline: Model Spec "guideline" sections

No Authority: assistant and tool messages; quoted/untrusted text and multimodal data in other messages

defjosiah commented on Technical Deep Dive: How we built deploy previews at Opendoor medium.com/opendoor-labs/... · Posted by u/defjosiah

defjosiah · 4 years ago

Author here, I'd love to answer any questions y'all might have!

defjosiah commented on Lies, damn lies, and front-end tracking alexeymk.com/2020/07/14/l... · Posted by u/AlexeyMK

malisper · 6 years ago

> You can (usually accidentally) end up with a render blocking script tag. In this article example it was client-side optimizely.

This makes sense for a tool like Optimizely which has to block rendering.

> The parsing and execution of third-party javascript is definitely non-trivial if you profile it, especially on lower end devices.

Given that this is supposed to happen after the page has already loaded, does this matter? If the thing you are optimizing for is page load time, and it takes a few 100ms after the page has already loaded to run the JS, does that actually negatively impact the user experience?

> Finally, browser download priority requires async and defer attributes on scripts (usually), or other clever ways of deferring loading.

When you add third party JS, shouldn't this be taken care of for you? Scripts for adding third party JS should already make use of async and defer as needed. What's a case where you would need to actually think about async and defer when making use of third party JS?

defjosiah · 6 years ago

This type of thing usually ends up being “death by a thousand cuts”. async + defer help out, but they do still incur parsing and evaluation (iirc, before document onload event) overhead. If you delay loading until you’re sure the page is interactice, you’ll end up loading third-party pretty late (which impacts metrics, and usually isn’t out of the box supported).

On a standard product-ey site with retargeting ads, user tracking, etc. this third-party slowdown is significant.

All of this is exacerbated on lower-end devices, and non-WiFi Internet.

defjosiah commented on Lies, damn lies, and front-end tracking alexeymk.com/2020/07/14/l... · Posted by u/AlexeyMK

malisper · 6 years ago

Can someone explain to me why third party JS has such a big impact on load time? I thought browsers deprioritize third party JS and load it after all first party assests have been downloaded and the site has been rendered. If that's the case why does third party JS still have such a big impact on page performance?

defjosiah · 6 years ago

You can (usually accidentally) end up with a render blocking script tag. In this article example it was client-side optimizely.

The parsing and execution of third-party javascript is definitely non-trivial if you profile it, especially on lower end devices.

Finally, browser download priority requires async and defer attributes on scripts (usually), or other clever ways of deferring loading.

defjosiah commented on Lies, damn lies, and front-end tracking alexeymk.com/2020/07/14/l... · Posted by u/AlexeyMK

XCSme · 6 years ago

I don't think this is an issue with the on-site analytics, but with the quality of the traffic and website performance. If you make sure that:

1) Your site loads in under 3-4 seconds for any user.

2) The user is interested enough to wait 3-4 seconds until the page loads.

Then most issues will be solved.

The problem with ads in many cases is that the traffic they send is of very low quality or just bots. In the end you already know from your ads provider how many users they say they sent and you should always use that when calculating ad conversion rate.

Also note that using Cloudflare will count as bounced users who never actually even tried to load your page (bots, crawlers, scrapers, all HTTP requests).

defjosiah · 6 years ago

I worked with Alexey on this project. It’s pretty straightforward to filter out bots (either before send, or in analysis later). For our traffic, it was mostly commonly known bot user-agents. I’m also pretty sure malicious bots get blocked by Cloudflare before hitting the Cloudflare workers.