ForeSee® Cloud Deployment is designed to provide optimal security and a reliably delivered network with minimal impact on your site's performance. This topic offers an overview of our efforts here at ForeSee to ensure a safe, dependable, and efficient data collection process.
All ForeSee® SDK code is hosted on a Content Delivery Network (CDN) which is backed by Amazon Cloudfront. By partnering with a recognized industry-leader, ForeSee is able to provide microsecond time-to-first-byte performance, which is the time from connection with the server to the start of web page content downloading.
In addition to a robust network, ForeSee has also adopted an architecture that minimizes the potential impact of an outage of resources on your website. The ForeSee gateway code is inserted asynchronously into the page, meaning that even if the origin server is unreachable or slow to respond, page performance is unaffected. In other words, even in the unlikely worst-case scenario where ForeSee content is temporarily unreachable, this has virtually no impact on your website other than the omission of ForeSee features during the outage.
Finally, in order to increase performance, the ForeSee product has been divided across multiple files (around 10 files). By applying parallelism, the time for downloading ForeSee product files is greatly reduced. In addition to these efforts, ForeSee continuously monitors and optimizes download performance.
Although ForeSee's code is already optimized to prevent performance impacts to your site, an additional mode is offered to provide even more confidence about limiting the impact to your website performance. In the Deferred Loading Mode, the ForeSee code places itself last in the page load order (meaning it does not load until the Window onload event). This option can be implemented by the ForeSee Support Team. One potential drawback of the Deferred Loading Mode is that you may miss out on activity that happens before the ForeSee code is loaded.
Whenever possible, ForeSee leverages caching and compression to improve performance. However, there are two special exceptions (these exceptions do not occur in newer versions of the Web SDK, starting with 19.6.0+):
- Caching of health.foresee.com resource: ForeSee code calls the health.foresee.com endpoint to ensure ForeSee services are operational before activating the rest of the ForeSee code. Since up-to-the-minute information on service status is required, ForeSee cannot specify an expiry date for this resource. However, a timed cache is used in the browser.
- Compression of health.foresee.com resource: Due to the small size of this file (~600 bytes), ForeSee's CDN vendor (Amazon Cloudfront) does not allow compression of this file. (They only compress files larger than 1,000 bytes). Since the file is so small, there is no significant benefit to compression.
ForeSee uses what are called third-party cookies to keep track of users across their experience. These cookies are just text files that reside in the browser of the visitor to the website. The difference between first and third-party cookies depends on who has the right to access the information inside the cookie. A first-party cookie can only be read by the owner of the site who created it. A third-party cookie can only be read by the external vendor who has a presence on the site. Since ForeSee is an external vendor, our cookies are defined as third-party.
In situations where you cannot allow third-party cookies on your site, you have the option of hosting the code yourself and using only first-party cookies. Ask your ForeSee representative to learn more about this option.
name:value data points, such as
pagesViewed:3, language:en, previoslyInvited:false. (ForeSee does not use JSONP).
These JSON objects can appear in the ForeSee cookie, be transmitted and stored on ForeSee servers, or converted (or parsed) into another persistence format so that the data can be migrated into various ForeSee products for display and analysis. Any requests for JSON objects follow Cross-Origin Resource Sharing (CORS) standard.
To parse JSON, Foresee uses the browser-native
JSON.parse() function to deserialize JSON strings and does not use the
eval() function. This means the function is built into web browsers to take the data out of the JSON format and into a more readable format. The exclusion of the
eval() function is important as
JSON.parse() only parses information, and does not expose users to script-injection attacks. The
eval() approach, on the other hand, parses the data by executing it as part of a script, which can open up security vulnerabilities.
ForeSee provides end-to-end 128-bit encryption of all hosted resources using TLS 1.2 protocol. 128-bit encryption is considered to be among the most secure encryption options available.
Clients may call (888) 304-5691 during normal business hours (Eastern time) or email [email protected]
Updated 10 months ago