-
Notifications
You must be signed in to change notification settings - Fork 341
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deferred fetching #1647
base: main
Are you sure you want to change the base?
Deferred fetching #1647
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- "inactive timeout" -> "deferred delay". At least that seems clearer to me.
- I think
fetchLater
was quite nice in that it sorts the same asfetch
.fetchDeferred
could also work, though is a bit harder to spell. I don't think we need request in the name. - It's not clear how the name fetch group states get activated. That needs some kind of additional PR against HTML I suppose?
- I think we should describe the API in the same section as the fetch method. Could be called "Fetch methods" then.
- Deferred fetching itself could then precede the "Fetch API" section. Maybe it could even be a subsection of "Fetching" though I don't mind a new top-level section.
But this is deferred delay specifically in the case of inactivity. "inactivity deferred delay"?
I was thinking about "what are we doing right now?" which is requesting/scheduling a deferred fetch for later. But
Yes, HTML would activate/deactivate in the BFCache code path. Need to prepare a PR for that but wanted to see that I'm on the right track first.
Will do
OK |
cc @mingyc @fergald @yoavweiss @clelland latest API shape proposal for PendingBeacon |
Another note about "origin" of a beacon request: there were some previous discussion about using 3P storage partitioning key (not origin, which is stricter) to decide whether pending beacon requests in a page are sendable or not in terms of privacy concern, see WICG/pending-beacon#30 (comment) and comments there below. I am not sure how this should be spec. |
OK, perhaps the 64kb constraint can be per network partition key rather than origin. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PTAL, added some more comments.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
noamr@ PTAL. I've added some more questions and comments. Really thanks for your help!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you noamr@! I've added some last comments. And also added the missing features from the original proposal belows. Please let us know if they are suitable here.
- It is suggested to allow only secure requests for new API in Do we want to enforce HTTPS request? WICG/pending-beacon#27. Should we enforce HTTPS-only requests on
fetchLater()
? - Should this spec mention [Permission Policy]https://www.w3.org/TR/permissions-policy/? In [Fetch-Based API] Permissions Policy WICG/pending-beacon#77, the suggestion is to allow the API by default. But we might want to provide a way to manage 3rd party iframe's usage.
- Consider to support retry mechanism WICG/pending-beacon#40 Should this spec mention retry when
fetchLater()
fails to send/commit? - The original PendingBeacon proposal also includes Crash recovery WICG/pending-beacon#34, not sure how it can be incorporated into fetch spec.
Probably a good idea, from the point of view of enabling new features only for secure requests.
I don't think we should integrate with permission policy. But we should allow the user agent to deny a
Perhaps consider adding this later?
I don't think that changes anything in the spec. |
@noamr Following up on the sendable beacon discussion: As mentioned in WICG/pending-beacon#30 (comment), there were discussions around whether a beacon (or deferred request) should be sent when network changes. I tried to summarize them in [this PR](WICG/pending-beacon@feb3cf9, but basically to process a beacon request when BackgroundSync is off, we need to see if another open document (tab/frame/etc) with the same storage partitioning key as the current document's one, to avoid unexpected sending the request after network changes. Do you think the above makes sense to be integrated into Fetch spec? |
The logic for deferred fetching (the `fetchLater` function), as defined in the fetch spec, specifies a "quota" which is shared with between a document and its direct same-origin descendants. For this logic to work in a secure way, the quota needs to be: - reserved when a frame-initiated navigation starts. This way, the container document can only reserve quota based on URLs it knows it navigates to. - freed if the document ends up being same origin with its container, upon document creation. This ensures quota is handled correctly in the case of redirects. This PR adds those two calls: - Call "reserve" on navigation, based on `sourceDocument`. - Call "potentially free" on document creation. Depends on whatwg/fetch#1647, where the quota logic itself is defined.
<p>To <dfn>process deferred fetches</dfn> given a <a>fetch group</a> <var>fetchGroup</var>: | ||
|
||
<ol> | ||
<li><p><a for=list>For each</a> <a for="fetch group">deferred fetch record</a> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For each deferred fetch record deferredRecord of controlDocument’s fetch group’s deferred fetch records:
Consider the following example:
root (a.com) -> frame-1 (a.com) -> frame-2 (b.com)
-> frame-3 (b.com) -> frame-4 (a.com)
Since frame-1
's controlDocument
is root
, any new fetchLater requests made in frame-1
, when being processed by To get the available deferred-fetch quota
, will only consider the existing deferred records from root
?
Is that expected?
// In root
fetchLater('a.com', 64kb)
// In frame-1
fetchLater('a.com', 64kb)
// In root
fetchLater('a.com', 64kb)
In the above request sequence, shouldn't both the 2nd and the 3rd be rejected due to quotaForRequestOrigin
for a.com
exceeding 64kb?
Add a JS-exposed function to request a deferred fetch, called
fetchLater
.A deferred fetch would be invoked in one of two scenarios:
A few constraints:
The quota algorithm is a bit intricate, but its default should be somewhat reasonable for all but advanced cases.
fetchLater
in sequence.deferred-fetch-minimal
) controls that, and the top-level document can disable that allocated quota by disabling that permissions policy.deferred-fetch
permissions policy.src
on an iframe. It is not guaranteed that the subframe would actually be able to use thatquota, as it might end up navigating to a same-origin URL or disable the feature in its own permissions policy. However, the container's document only cares about the initial reserved value for subframes it doesn't have direct access to.
See WICG/pending-beacon#70
(See WHATWG Working Mode: Changes for more details.)
Preview | Diff