Align CH processing model with implementation and HTML#3774#773
Align CH processing model with implementation and HTML#3774#773yoavweiss wants to merge 12 commits intowhatwg:masterfrom
Conversation
fetch.bs
Outdated
| <dfn export for=request id=concept-request-client-hints-list>client hints list</dfn>, | ||
| which is a <a lt="client hints list" for=client>client-hints list</a>. Unless stated | ||
| otherwise, it is the empty list. | ||
| <dfn export for=request id=concept-request-client-hints-set>client hints set</dfn>, |
There was a problem hiding this comment.
Let's preserve the original ID. I don't think it matters much that it doesn't match the text anymore.
fetch.bs
Outdated
| which is a <a lt="client hints list" for=client>client-hints list</a>. Unless stated | ||
| otherwise, it is the empty list. | ||
| <dfn export for=request id=concept-request-client-hints-set>client hints set</dfn>, | ||
| which is a <a lt="client hints set" for=client>client-hints set</a>. Unless stated |
There was a problem hiding this comment.
A primitive cannot belong to something else. I guess this was originally wrong as well.
There was a problem hiding this comment.
When is the hyphen to be used by the way? I'd rather consistently use or not use it.
There was a problem hiding this comment.
Removed "for=client".
Agreed regarding consistency. Added hyphen everywhere.
fetch.bs
Outdated
|
|
||
|
|
||
| <h3 id=client-hints-list>Client hints list</h3> | ||
| <h3 id=client-hints-set>Client hints set</h3> |
fetch.bs
Outdated
|
|
||
| <p>A <dfn export id=concept-client-hints-list for=client>client hints list</dfn> is a | ||
| <a for=/>list</a> of | ||
| <p>A <dfn export id=concept-client-hints-set for=client>client hints set</dfn> is a |
There was a problem hiding this comment.
I guess we should remove for=client here since it doesn't actually belong to a client, right?
fetch.bs
Outdated
| <a for=request>origin</a> to <var>request</var>'s | ||
| <a for=request>client</a>'s <a for="environment settings object">origin</a>. | ||
|
|
||
| <li><p>Set <var>request</var>'s <a for=request>client-hints set</a> to be a copy of the <a |
There was a problem hiding this comment.
client-hints set won't link due to the hyphen. Also, instead of copy you want https://infra.spec.whatwg.org/#list-clone.
There was a problem hiding this comment.
Added a direct link to the definition, but not sure that's the best way to do that. Let me know if there's a better way
fetch.bs
Outdated
| <p>If <var>request</var> is a <a>subresource request</a>, then: | ||
| <p>If <var>request</var>'s <a for=request>current url</a>'s | ||
| <a for=url>origin</a> is <a>same origin</a> with <var>request</var>'s | ||
| <a for=request>origin</a>, then: |
There was a problem hiding this comment.
This means that a cross-origin URL inbetween doesn't influence this. I'm not sure that's what we want? Also, can we not obtain this state from something else that has already done the check? Lots of independent same-origin checks seem like a code smell.
There was a problem hiding this comment.
This means that a cross-origin URL inbetween doesn't influence this
Do you mean a cross-origin redirection between two same origin requests? or something else?
fetch.bs
Outdated
|
|
||
| <ol> | ||
| <li> | ||
| <li> |
There was a problem hiding this comment.
One space indentation was correct.
fetch.bs
Outdated
|
|
||
| <p><a for=list>For each</a> <var>hintName</var> of <var>request</var>'s | ||
| <a for=client>client hints list</a>: | ||
| <a for=client>client-hints set</a>: |
| </ol> | ||
| </ol> | ||
|
|
||
| <li><p>If <var>request</var> is a <a>subresource request</a>, then: |
There was a problem hiding this comment.
The indentation is off here as well.
|
@yoavweiss same-origin request -> redirect to cross-origin URL -> redirect to same-origin URL. |
fetch.bs
Outdated
| <a for=request>client</a>'s <a for="environment settings object">origin</a>. | ||
|
|
||
| <li><p>Set <var>request</var>'s <a for=request>client-hints set</a> to be a <a | ||
| href="https://infra.spec.whatwg.org/#list-clone">clone</a> of the <a |
There was a problem hiding this comment.
You can use <a for=list>clone</a>.
There was a problem hiding this comment.
Also, no newlines inside tags or inline elements (slightly different rules from HTML, sorry).
annevk
left a comment
annevk
left a comment
There was a problem hiding this comment.
A comment message detailing the changes made here would help. It also seems this adds more Client-Hints headers that are not CORS-safelisted. Is that intentional?
fetch.bs
Outdated
| <h3 id=client-hints-list>Client-hints set</h3> | ||
|
|
||
| <p class=note>This section will be integrated into HTTP Client Hints. | ||
| <p class=note>This section will be integrated into HTTP Client-Hints. |
There was a problem hiding this comment.
Is that still the plan? In any event, this section should have a <p class=XXX> explaining that currently the integration is not well defined.
There was a problem hiding this comment.
I'm not sure what further integration is needed, tbh. I'll change to "XXX"
fetch.bs
Outdated
| <li> | ||
|
|
||
| <p class=note>The following step should be applicable only for same-origin requests. See | ||
| <a href="https://github.com/whatwg/fetch/issues/800">issue</a> for more details.</p> |
There was a problem hiding this comment.
This should be class=XXX and should be placed at the end of the step per convention.
those are added to the list at #725 |
I'll squash and add a meaningful commit message |
yoavweiss
force-pushed
the
ch_processing
branch
from
dd44296 to
ee93d96
Compare
fetch.bs
Outdated
| <h3 id=client-hints-list>Client-hints set</h3> | ||
|
|
||
| <p class=note>This section will be integrated into HTTP Client Hints. | ||
| <p class=XXX>This section will be integrated into HTTP Client-Hints. |
There was a problem hiding this comment.
Sorry for being unclear, this issue marker should indicate that Client Hints integration with Fetch is far from finished, similar to the issue marker you added below. I was thinking it would be good to stress that in multiple places.
There was a problem hiding this comment.
Changed to point at #726
Let me know if that works
|
The commit message needs to explain the removal of DPR and Viewport-Width from the first table as well. |
yoavweiss
force-pushed
the
ch_processing
branch
2 times, most recently
from
df666da to
bea7cde
Compare
added |
|
Having considered this further I'm not sure how to accept this as it has the same problems as #725:
|
This is currently implemented by Chromium, but not elsewhere. What's the typical process for integrating such features before they gain wider adoption?
That is not true. See https://wpt.fyi/results/client-hints?label=experimental
Are you suggesting that we need the feature policy (w3c/webappsec-permissions-policy#129) and redirection logic (#800) pieces in place before any of this can land? |
|
@yoavweiss typically we don't merge until there's at least two implementers committed to some extent (no need for two implementations). As for tests, I meant tests covering the problematic bits. And since the redirection logic is vital to how this ends up being defined, yes. It would be less problematic if that were a simple change, but basically all the existing infrastructure is in the wrong place for it, and we might need new primitives as well depending on how we deal with UA-set vs developer-set headers. |
|
https://whatwg.org/working-mode#changes has a more formal description of WHATWG's changes policy. |
I agree that the redirection logic is critical once we start doing same-origin checks. This PR (as well as current Chromium implementation) does not do that. And indeed, things may move once that logic is settled and lands. At the same time, I thought it'd be worthwhile to define the current behavior and then iterate on that. (as the current spec definition doesn't match the current implementation) |
yoavweiss
force-pushed
the
ch_processing
branch
from
2f8047a to
d73c83b
Compare
| <a for=/>set</a> of | ||
| <a href=http://httpwg.org/http-extensions/client-hints.html#accept-ch>Client hint tokens</a>, each | ||
| of which is one of `<code>DPR</code>`, `<code>Save-Data</code>`, `<code>Viewport-Width</code>`, or | ||
| `<code>Width</code>`. |
yoavweiss
changed the title
This change aligns the processing of Client-Hints with the shipped Chromium implementation, by changing the following: * Clone the environment settings object's client-hints set to the request's client-hints set. * Apply CH processing to all requests, rather than only subresource requests. * Add processing of new CH headers, added in whatwg#725 * Remove `DPR` and `Viewport-Width` from headers that are sent by default for navigation requests. It also renames "client-hints list" to "client-hints set", and changes it to be a set, to match related HTML spec changes.
yoavweiss
force-pushed
the
ch_processing
branch
from
56c7c7b to
5067615
Compare
|
I've moved most of the processing defined in this PR to https://yoavweiss.github.io/client-hints-infrastructure/ I'm therefore closing this PR. |
4 participants
This PR tackles a part of #726, by copying the request's client-hints list from the environment settings object's one (as defined in whatwg/html#3774). It also aligns the addition of CH headers to current implementations, and adds the Device-Memory, RTT, Downlink and ECT hints.
Preview | Diff