Security

Ensure your content cannot be embedded in a frame on other websites
Cross-domain iframes can run malicious apps, trigger alerts, autoplay videos, and induce phishing.

Performance

Deliver assets through a content delivery network
This ensures fast delivery of Internet content

Sources

https://github.com/mostafahussein/awesome-security-checklist