Baseline Widely available
Note: This feature is available in Web Workers.
The secureConnectionStart read-only property returns a timestamp immediately before the browser starts the handshake process to secure the current connection. If a secure connection is not used, the property returns zero.
The secureConnectionStart property can have the following values:
DOMHighResTimeStamp indicating the time immediately before the browser starts the handshake process to secure the current connection if the resource is fetched over a secure connection.0 if no secure connection is used.0 if the resource was instantaneously retrieved from a cache.0 if the resource is a cross-origin request and no Timing-Allow-Origin HTTP response header is used.The secureConnectionStart and requestStart properties can be used to measure how long it takes for the TLS negotiation to happen.
const tls = entry.requestStart - entry.secureConnectionStart;
Example using a PerformanceObserver, which notifies of new resource performance entries as they are recorded in the browser's performance timeline. Use the buffered option to access entries from before the observer creation.
const observer = new PerformanceObserver((list) => {
list.getEntries().forEach((entry) => {
const tls = entry.requestStart - entry.secureConnectionStart;
if (tls > 0) {
console.log(`${entry.name}: TLS negotiation duration: ${tls}ms`);
}
});
});
observer.observe({ type: "resource", buffered: true });
Example using Performance.getEntriesByType(), which only shows resource performance entries present in the browser's performance timeline at the time you call this method:
const resources = performance.getEntriesByType("resource");
resources.forEach((entry) => {
const tls = entry.requestStart - entry.secureConnectionStart;
if (tls > 0) {
console.log(`${entry.name}: TLS negotiation duration: ${tls}ms`);
}
});
If the value of the secureConnectionStart property is 0, the resource is either not using a secure connection or it is a cross-origin request. To allow seeing cross-origin timing information, the Timing-Allow-Origin HTTP response header needs to be set.
For example, to allow https://developer.mozilla.org to see timing resources, the cross-origin resource should send:
Timing-Allow-Origin: https://developer.mozilla.org
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4