From 2157b330e315fb2adce22964831a3efa9eebc593 Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Thu, 3 Mar 2022 18:46:16 +0200 Subject: [PATCH 01/13] Process early hints --- source | 310 ++++++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 262 insertions(+), 48 deletions(-) diff --git a/source b/source index aa6cf8a37e6..4dd19a56557 100644 --- a/source +++ b/source @@ -2529,6 +2529,7 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
  • `Cross-Origin-Resource-Policy` header
  • process response
  • getting a structured field value
    • +
  • header list
  • set
  • get, decode, and split
  • terminate
    • @@ -3995,6 +3996,8 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
  • The Should element's inline behavior be blocked by Content Security Policy? algorithm
  • The Should navigation request of type be blocked by Content Security Policy? algorithm
  • The Should navigation response to navigation request of type in target be blocked by Content Security Policy? algorithm
    • +
  • The Should request be blocked by Content Security Policy? algorithm
    • +
  • The Should response to request be blocked by Content Security Policy? algorithm
  • The report-uri directive
  • The EnsureCSPDoesNotBlockStringCompilation abstract operation
  • The Is base allowed for Document? algorithm
    • @@ -14301,11 +14304,12 @@ interface HTMLLinkElement : HTMLElement {
    Processing `Link` headers
    -

    To process link headers given a Document doc, a response response, and a "pre-media" or "media" phase:

    +

    To extract links from headers given + header list headers:

      +

    1. Let links be a new list.

      2. +

    2. Let rawLinkHeaders be the result of getting, decoding, and splitting `Link` from response's HTMLLinkElement : HTMLElement {

    3. Let attribs be linkObject["target_attributes"].

      4. +

    4. If linkObject["target_uri"] does not + exist, then continue.

      5. + +

    5. Append linkObject to + links.

      6. +
    + +

  • Return links.

    • + + +

    To process early hint headers given a + response response and an + environment reservedEnvironment:

    + +
      +

    1. Let earlyPolicyContainer be the result of creating a + policy container from a fetch response given response and + reservedEnvironment.

      2. + +

    2. Let links be the result of + extracting links from + response's header list.

      3. + +

    3. Let uncommittedPreloads be an empty list.

      4. + +
    4. +

      For each linkObject in links:

      + +
        +

      1. Let attribs be + linkObject["target_attributes"].

        2. + +

      2. Let destination be + attrib["as"].

        3. + +

      3. Let crossorigin be + attrib["crossorigin"] if + attrib["crossorigin"] + exists, or the empty string otherwise.

        4. + +

      4. Let destination is not a + destination, continue.

        5. + +

      5. Let url be the result of parsing + linkObject[target_uri"] relative to response's + URL.

        6. + +

      6. Let earlyRequest be the result of + creating a potential-CORS request given + url, destination, and crossorigin.

        7. + +

      7. Set earlyRequest's + policy container to + earlyPolicyContainer.

        8. + +

      8. If attrib["integrity"] + exists, then set earlyRequest's + integrity metadata to + attrib["integrity"].

        9. + +

      9. Let unsafeEndTime be 0.

        10. + +

      10. Let earlyResponse be null.

        11. + +

      11. Let processResponse given response + res be to set earlyResponse to res.

        12. + +
      12. +

        Append the following steps given Document + document to uncommittedPreloads:

        + +
          +

        1. Let potentialRequest be a new + request, whose + client is document's + relevant settings object, + URL is earlyRequest's + URL, + destination is earlyRequest's + destination, + integrity metadata is + request's + integrity metadata, + mode is earlyRequest's + mode, and + credentials mode is + request's + credentials mode.

          2. + +

        2. If potentialRequest + should be blocked by + Content Security Policy, then abort these steps.

          3. + +

        3. Let entry be new preload entry whose + response.

          4. + +
        4. +

          Let verifyAndReport be the following steps given + response response:

          + +
            +
          1. +

            If the result of checking if + a + response should be blocked be Content Security Policy given + potentialRequest and response returns false, then:

            + +
              +

            1. Report timing for origin given + response, document's relevant global object, + "early-hint", and unsafeEndTime.

              2. + +

            2. If entry's on response + available is null, then set entry's + response to response; otherwise call + entry's + on response available given + response.

              3. +
            +
            2. + +

          2. Let preloadedResources be document's + map of preloaded resources.

            3. + +

          3. Let key be the result of + creating a preload key given + earlyRequest.

            4. + +

          4. If preloadedResources[key] + exists, then set + preloadedResources[key]'s + response to response; otherwise, + set preloadedResources[key] to a new + preload entry whose response is + response.

            5. +
          +
          5. + +

        5. If earlyResponse is null, then set processResponse to + verifyAndReport; otherwise call verifyAndReport with + earlyResponse.

          6. +
        +
        13. + +

      13. Preload request with the following + steps given res: set unsafeEndTime to the + unsafe shared current time and call processResponse with + res.

        14. +
      +
      5. + +

    5. Return uncommittedPreloads.

      6. + +
    + +

    To process link headers given a Document doc, + a response response, and a + "pre-media" or "media" phase:

    + +
      +

    1. Let links be the result of + extracting links from response's + header list.

      2. + +
    2. +

      For each linkObject in links:

      + +
        +

      1. Let attribs be + linkObject["target_attributes"].

        2. +

      2. Let expectedPhase be "media" if either "srcset", "imagesrcset", or "HTMLLinkElement : HTMLElement {

      3. If expectedPhase is not phase, then continue.

        4. -

      4. If params includes "media" and - params["media"] does not

        If attribs includes "media" and + attribs["media"] does not match the environment, then continue.

        5. @@ -25847,6 +26022,45 @@ document.body.appendChild(wbr);

      5. Return true.

      +

      To preload a resource given a request + request and processResponse, which is an algorithm accepting a + response: + fetch request, with processResponseConsumeBody set to the following steps + given response response and null or byte + sequence bytesOrNull:

      + +
        +
      1. +

        If bytesOrNull is a byte sequence, then set response's + body to the first return value of safely extracting bytesOrNull.

        + +

        By using processResponseConsumeBody, + we have extracted the entire body. This is necessary to ensure the preloader loads + the entire body from the network, regardless of whether the preload will be consumed (which + is uncertain at this point). This step then resets the request's body to a new body + containing the same bytes, so that other specifications can read from it at the time of + actual consumption, despite us having already done so once.

        +
        2. + +

      2. Otherwise, set response to a network error.

        3. + +

      3. Call processResponse with response

        +
      + +

      To create a preload key for a request + request, return a new preload key whose URL is request's URL, destination is request's destination, integrity metadata is request's integrity metadata, mode is request's mode, and + credentials mode is request's credentials mode.

      +

      The fetch and process the linked resource steps for this type of linked resource, given a link element el, are:

      @@ -25882,15 +26096,9 @@ document.body.appendChild(wbr);
    -

  • Let preloadKey be a preload key whose URL is request's URL, destination is request's destination, integrity metadata is request's integrity metadata, mode is request's mode, and - credentials mode is request's credentials mode.

    • +

  • Let preloadKey be the result of + creating a preload key given + request.

  • Let preloadEntry be a new preload entry.

    • @@ -25901,42 +26109,23 @@ document.body.appendChild(wbr); on el.

  • -

    Fetch request, with processResponseConsumeBody set to the following steps - given response response and null or byte - sequence bytesOrNull:

    +

    Preload request, with the following + steps given response response:

      -
    1. -

      If bytesOrNull is a byte sequence, then set response's - body to the first return value of safely extracting bytesOrNull.

      - -

      By using processResponseConsumeBody, - we have extracted the entire body. This is necessary to ensure the preloader loads - the entire body from the network, regardless of whether the preload will be consumed (which - is uncertain at this point). This step then resets the request's body to a new body - containing the same bytes, so that other specifications can read from it at the time of - actual consumption, despite us having already done so once.

      -
      2. - -

    2. Otherwise, set response to a network error.

      3. -

    3. Finalize and report timing with response, given el's relevant global object and "link".

      4. -

    4. Fire an event named load at el.

      5. - -

    5. Unblock rendering on el.

      6. -

    6. If preloadEntry's on response available is null, then set preloadEntry's response to response.

    7. Otherwise, call preloadEntry's on response available with response.

      8. +

    8. Fire an event named load at el.

      9. + +

    9. Unblock rendering on el.

    • @@ -88096,6 +88285,10 @@ interface Location { // but see also unsafe start time
    a number, representing a value of the unsafe shared current time when the navigation has started
    + +
    uncommitted preloads
    +
    null or a list of algorithms representing early preloaded links, to be committed + once the document has been created

    Once a navigation params struct is created, this standard does not @@ -88404,9 +88597,10 @@ interface Location { // but see also process response end of body is processResponseEndOfBody, unsafe start time is - unsafeNavigationStartTime, and unsafeNavigationStartTime, has cross-origin redirects is - false.

    + false, and uncommitted preloads is null.

  • Run process a navigate response with navigationType, allowedToDownload, hasTransientActivation, and @@ -88466,9 +88660,10 @@ interface Location { // but see also process response end of body is processResponseEndOfBody, unsafe start time is - unsafeNavigationStartTime, and unsafeNavigationStartTime, has cross-origin redirects is - false.

    • + false, and uncommitted preloads is null.

  • Run process a navigate response with navigationType, allowedToDownload, hasTransientActivation, and @@ -88584,6 +88779,8 @@ interface Location { // but see also

    Set request's reserved client to null.

    • + +

  • Set uncommittedPreloads to null.

    • @@ -88668,8 +88867,16 @@ interface Location { // but see also     fetch request.

    +
  • +

    If response is null, fetch request, with + processEarlyHintsResponse set to the following step given a + response earlyResponse: If + uncommittedPreloads is null, then set uncommittedPreloads to the result + of processing early hints headers given + earlyResponse and request's + reserved client.

    +

  • Otherwise, perform HTTP-redirect fetch using request and response.

    • @@ -88808,9 +89015,11 @@ interface Location { // but see also     process response end of body is processResponseEndOfBody, unsafe - start time is unsafeNavigationStartTime, and has cross-origin redirects is - hasCrossOriginRedirects.

    + start time is unsafeNavigationStartTime, + has cross-origin redirects is + hasCrossOriginRedirects, and + uncommitted preloads is + uncommittedPreloads.

  • Run process a navigate response with navigationType, allowedToDownload, hasTransientActivation, and @@ -89407,6 +89616,11 @@ interface Location { // but see also issue #2900.

    • +

  • For each commitEarlyPreload in + navigationParams's + uncommitted preloads, + call commitEarlyPreload given document.

    +

  • Process link headers given document, navigationParams's response, and "pre-media".

    • From f2571d676c4cb54c17f3ca68ff4f2e68afc18a6f Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Tue, 29 Mar 2022 10:24:00 +0300 Subject: [PATCH 02/13] Add note and remove CSP --- source | 110 +++++++++++++++++++++++++-------------------------------- 1 file changed, 49 insertions(+), 61 deletions(-) diff --git a/source b/source index 4dd19a56557..7de433057d9 100644 --- a/source +++ b/source @@ -14304,6 +14304,10 @@ interface HTMLLinkElement : HTMLElement {
    Processing `Link` headers
    +

    Currently only preload links are specified + for `Link` header processing. A dditional link types can be added here in the future.

    +

    To extract links from headers given header list headers:

    @@ -14323,15 +14327,8 @@ interface HTMLLinkElement : HTMLElement {

  • Let linkObject be the result of parsing linkHeader.

    • -
  • -

    If linkObject["relation_type"] is not "preload", then continue.

    - -

    Support for additional link types can be added here in the future.

    -
    • - -

  • Let attribs be linkObject["target_attributes"].

    • +

  • If linkObject["relation_type"] is not "preload", then continue.

  • If linkObject["target_uri"] does not exist, then continue.

    • @@ -14361,23 +14358,44 @@ interface HTMLLinkElement : HTMLElement {

  • For each linkObject in links:

    +

    The moment we receive the a early hint link header, we begin + fetching earlyRequest. If it comes back before + the document is created, we set earlyResponse to the + response of that + fetch and once the document is created we + commit it (make it available in the map of preloaded resources as if it was a + link element). If the document is created first, we commit it as soon + as the response becomes available.

    +
      -

    1. Let attribs be - linkObject["target_attributes"].

      2. +
    2. +

      Let attribs be + linkObject["target_attributes"].

      + +

      Only the "as", "crossorigin" and + "integrity" attributes are handled as part of early hint processing. + The other ones, in particular "media", + "imagesrcset", "imagesizes", and + "blocking" are only applicable once a Document is + created.

      +
      3. + +

    3. If attribs["as"] does not + exist, continue.

    4. Let destination be - attrib["as"].

      5. + attribs["as"].

    5. Let crossorigin be attrib["crossorigin"] if attrib["crossorigin"] exists, or the empty string otherwise.

      6. -

    6. Let destination is not a +

    7. If destination is not a destination, continue.

    8. Let url be the result of parsing - linkObject[target_uri"] relative to response's + linkObject["target_uri"] relative to response's URL.

    9. Let earlyRequest be the result of @@ -14405,54 +14423,25 @@ interface HTMLLinkElement : HTMLElement { document to uncommittedPreloads:

        -

      1. Let potentialRequest be a new - request, whose - client is document's - relevant settings object, - URL is earlyRequest's - URL, - destination is earlyRequest's - destination, - integrity metadata is - request's - integrity metadata, - mode is earlyRequest's - mode, and - credentials mode is - request's - credentials mode.

        2. - -

      2. If potentialRequest - should be blocked by - Content Security Policy, then abort these steps.

        3. -

      3. Let entry be new preload entry whose response.

      4. -

        Let verifyAndReport be the following steps given +

        Let respond be the following steps given response response:

          -
        1. -

          If the result of checking if - a - response should be blocked be Content Security Policy given - potentialRequest and response returns false, then:

          - -
            -

          1. Report timing for origin given - response, document's relevant global object, - "early-hint", and unsafeEndTime.

            2. - -

          2. If entry's on response - available is null, then set entry's - response to response; otherwise call - entry's - on response available given - response.

            3. -
          -
          2. +

        2. Finalize and report timing given + response, document's relevant global object, + "early-hint", and unsafeEndTime.

          3. + +

        3. If entry's on response + available is null, then set entry's + response to response; otherwise call + entry's + on response available given + response.

          4. +

      5. Let preloadedResources be document's map of preloaded resources.

        6. @@ -14472,15 +14461,14 @@ interface HTMLLinkElement : HTMLElement {

      6. If earlyResponse is null, then set processResponse to - verifyAndReport; otherwise call verifyAndReport with - earlyResponse.

        7. + respond; otherwise call respond with earlyResponse.

      10. -

    10. Preload request with the following - steps given res: set unsafeEndTime to the - unsafe shared current time and call processResponse with - res.

      11. +

    11. Preload earlyRequest with the + following steps given response res: set + unsafeEndTime to the unsafe shared current time and call + processResponse with res.

    • From 67f0862a518bacc4ca3b86a07091d0a968e51eee Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Tue, 29 Mar 2022 10:30:15 +0300 Subject: [PATCH 03/13] Remove unnecessary refs --- source | 4 ---- 1 file changed, 4 deletions(-) diff --git a/source b/source index 7de433057d9..add46ded53a 100644 --- a/source +++ b/source @@ -3994,10 +3994,6 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
  • The Run CSP initialization for a Document algorithm
  • The Run CSP initialization for a global object algorithm
  • The Should element's inline behavior be blocked by Content Security Policy? algorithm
    • -
  • The Should navigation request of type be blocked by Content Security Policy? algorithm
    • -
  • The Should navigation response to navigation request of type in target be blocked by Content Security Policy? algorithm
    • -
  • The Should request be blocked by Content Security Policy? algorithm
    • -
  • The Should response to request be blocked by Content Security Policy? algorithm
  • The report-uri directive
  • The EnsureCSPDoesNotBlockStringCompilation abstract operation
  • The Is base allowed for Document? algorithm
    • From dcde6a06f6f7328514eaa8468e8ff8d87cc2dc28 Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Tue, 29 Mar 2022 17:41:49 +0300 Subject: [PATCH 04/13] Add note about order --- source | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/source b/source index add46ded53a..bb2f6610125 100644 --- a/source +++ b/source @@ -14300,9 +14300,11 @@ interface HTMLLinkElement : HTMLElement {
    Processing `Link` headers
    -

    Currently only preload links are specified - for `Link` header processing. A dditional link types can be added here in the future.

    +

    The processing of `Link` headers apart from preload, in particular their influence on a Document's + script-blocking style sheet counter, is not defined. See issue #4224 for discussion on integrating + this into the spec.

    To extract links from headers given header list headers:

    @@ -14340,7 +14342,14 @@ interface HTMLLinkElement : HTMLElement { response response and an environment reservedEnvironment:

    -
      +

      Early-hint `Link` headers are always processed + before `Link` headers from the final + response, followed by link elements. This + is equivalent to prepending the contents of the early and final + `Link` headers to the Document's + head element, in respective order.

      + +

      1. Let earlyPolicyContainer be the result of creating a policy container from a fetch response given response and reservedEnvironment.

        2. @@ -14532,12 +14541,6 @@ interface HTMLLinkElement : HTMLElement {
      -

      The processing of `Link` headers apart from preload, in particular their influence on a Document's - script-blocking style sheet counter, is not defined. See issue #4224 for discussion on integrating - this into the spec.

      -
      Providing users with a means to follow hyperlinks created using the link @@ -88857,7 +88860,7 @@ interface Location { // but see also response earlyResponse: If uncommittedPreloads is null, then set uncommittedPreloads to the result - of processing early hints headers given + of processing early hint headers given earlyResponse and request's reserved client.

      From d293fca703510df6ce47701dac60c8e22f4f4bc2 Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Tue, 29 Mar 2022 17:50:58 +0300 Subject: [PATCH 05/13] nit --- source | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source b/source index bb2f6610125..143436756f8 100644 --- a/source +++ b/source @@ -14363,7 +14363,7 @@ interface HTMLLinkElement : HTMLElement {

    1. For each linkObject in links:

      -

      The moment we receive the a early hint link header, we begin +

      The moment we receive the early hint link header, we begin fetching earlyRequest. If it comes back before the document is created, we set earlyResponse to the response of that From e3473d4b064c51a7b83215fe07a8bded2f89d8d7 Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Tue, 29 Mar 2022 18:02:27 +0300 Subject: [PATCH 06/13] nit --- source | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/source b/source index 143436756f8..8f867a92b2e 100644 --- a/source +++ b/source @@ -14349,7 +14349,7 @@ interface HTMLLinkElement : HTMLElement { `Link` headers to the Document's head element, in respective order.

      -
        +

        1. Let earlyPolicyContainer be the result of creating a policy container from a fetch response given response and reservedEnvironment.

          2. @@ -14476,9 +14476,9 @@ interface HTMLLinkElement : HTMLElement { processResponse with res.

        +

    2. Return uncommittedPreloads.

      3. -

    To process link headers given a Document doc, @@ -88854,16 +88854,14 @@ interface Location { // but see also fetch request, with - processEarlyHintsResponse set to the following step given a - response earlyResponse: If - uncommittedPreloads is null, then set uncommittedPreloads to the result - of processing early hint headers given - earlyResponse and request's - reserved client.

    - +

  • If response is null, fetch request, with + processEarlyHintsResponse set to the following step given a + response earlyResponse: If + uncommittedPreloads is null, then set uncommittedPreloads to the result + of processing early hint headers given + earlyResponse and request's + reserved client.

  • Otherwise, perform HTTP-redirect fetch using request and response.

    • From 68f5f9a30d46f37d455d22d68821b7aed43fe84d Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Tue, 29 Mar 2022 18:38:56 +0300 Subject: [PATCH 07/13] Fix build --- source | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/source b/source index 8f867a92b2e..783875dca10 100644 --- a/source +++ b/source @@ -3994,6 +3994,8 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
  • The Run CSP initialization for a Document algorithm
  • The Run CSP initialization for a global object algorithm
  • The Should element's inline behavior be blocked by Content Security Policy? algorithm
    • +
  • The Should navigation request of type be blocked by Content Security Policy? algorithm
    • +
  • The Should navigation response to navigation request of type in target be blocked by Content Security Policy? algorithm
  • The report-uri directive
  • The EnsureCSPDoesNotBlockStringCompilation abstract operation
  • The Is base allowed for Document? algorithm
    • @@ -14344,7 +14346,7 @@ interface HTMLLinkElement : HTMLElement {

    Early-hint `Link` headers are always processed before `Link` headers from the final - response, followed by link elements. This + response, followed by link elements. This is equivalent to prepending the contents of the early and final `Link` headers to the Document's head element, in respective order.

    @@ -14369,15 +14371,16 @@ interface HTMLLinkElement : HTMLElement { response of that fetch and once the document is created we commit it (make it available in the map of preloaded resources as if it was a - link element). If the document is created first, we commit it as soon - as the response becomes available.

    + link element). If the document is created first, the + response is committed as soon as it becomes + available.

    1. Let attribs be linkObject["target_attributes"].

      -

      Only the "as", "crossorigin" and +

      Only the "as", "crossorigin", and "integrity" attributes are handled as part of early hint processing. The other ones, in particular "media", "imagesrcset", "imagesizes", and @@ -14448,35 +14451,32 @@ interface HTMLLinkElement : HTMLElement { response.

    -

  • Let preloadedResources be document's - map of preloaded resources.

    • - -

  • Let key be the result of - creating a preload key given - earlyRequest.

    • +

  • Let preloadedResources be document's + map of preloaded resources.

    • -

  • If preloadedResources[key] - exists, then set - preloadedResources[key]'s - response to response; otherwise, - set preloadedResources[key] to a new - preload entry whose response is - response.

    • - - +

  • Let key be the result of + creating a preload key given + earlyRequest.

    • -

  • If earlyResponse is null, then set processResponse to - respond; otherwise call respond with earlyResponse.

    • +

  • If preloadedResources[key] + exists, then set + preloadedResources[key]'s + response to response; otherwise, + set preloadedResources[key] to a new + preload entry whose response is + response.

    • +

  • If earlyResponse is null, then set processResponse to + respond; otherwise call respond with earlyResponse.

    • +

  • Preload earlyRequest with the following steps given response res: set unsafeEndTime to the unsafe shared current time and call processResponse with res.

    • -

  • Return uncommittedPreloads.

    • From 503f06d2970203d3d5c0ec8a67322e4f9d7498be Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Wed, 30 Mar 2022 08:37:16 +0300 Subject: [PATCH 08/13] Add a couple of more notes --- source | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/source b/source index 783875dca10..449722a349d 100644 --- a/source +++ b/source @@ -14352,9 +14352,15 @@ interface HTMLLinkElement : HTMLElement { head element, in respective order.

      -

    1. Let earlyPolicyContainer be the result of creating a - policy container from a fetch response given response and - reservedEnvironment.

      2. +
    2. +

      Let earlyPolicyContainer be the result of creating a policy container from a + fetch response given response and reservedEnvironment.

      + +

      This allows the early hint response to + include a Content Security Policy directive which would be + enforced when fetching the early hint + request.

      +

    3. Let links be the result of extracting links from @@ -88801,7 +88807,13 @@ interface Location { // but see also reserved client to null.

      4. -

    4. Set uncommittedPreloads to null.

      5. +
    5. +

      Set uncommittedPreloads to null.

      + +

      Preloaded links from early hint + headers remain in the preload cache after a same origin redirect, but + get discarded when the redirect is cross-origin.

      +
    From 2af1aaf8cff4d5decbd1f0f6484cffef112c2c17 Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Sun, 3 Apr 2022 10:26:59 +0300 Subject: [PATCH 09/13] Add some more text --- source | 55 +++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 37 insertions(+), 18 deletions(-) diff --git a/source b/source index 449722a349d..a7c2d64c2b8 100644 --- a/source +++ b/source @@ -2543,6 +2543,7 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
  • incrementally reading a body
  • processResponseConsumeBody
  • processResponseEndOfBody
    • +
  • processEarlyHintsResponse
  • response and its @@ -14340,6 +14341,22 @@ interface HTMLLinkElement : HTMLElement {

  • Return links.

    • +
    Early Hint Headers
    + +

    Early hint headers allow user-agents to perform some operations, such as speculative loading + resources that are likely to be used by the document, before the navigation request is fully + handled by the server and a response code is served. Servers can indicate early hints by serving a + response with a 103 status code before serving the final + response.

    + +

    Only the first early hint response served during the navigation is handled, and it + is discarded if it is succeeded by a cross-origin redirect. In addition to the early hint, the 103 + response may also contain a Content Security Policy header, which is enforced when + processing the early hints.

    + +

    +

    +

    To process early hint headers given a response response and an environment reservedEnvironment:

    @@ -14357,7 +14374,7 @@ interface HTMLLinkElement : HTMLElement { fetch response given response and reservedEnvironment.

    This allows the early hint response to - include a Content Security Policy directive which would be + include a Content Security Policy which would be enforced when fetching the early hint request.

    @@ -14373,11 +14390,11 @@ interface HTMLLinkElement : HTMLElement {

    The moment we receive the early hint link header, we begin fetching earlyRequest. If it comes back before - the document is created, we set earlyResponse to the + the Document is created, we set earlyResponse to the response of that - fetch and once the document is created we - commit it (make it available in the map of preloaded resources as if it was a - link element). If the document is created first, the + fetch and once the Document is created we + commit it (by making it available in the map of preloaded resources as if it was a + link element). If the Document is created first, the response is committed as soon as it becomes available.

    @@ -14386,12 +14403,14 @@ interface HTMLLinkElement : HTMLElement {

    Let attribs be linkObject["target_attributes"].

    -

    Only the "as", "crossorigin", and - "integrity" attributes are handled as part of early hint processing. - The other ones, in particular "media", - "imagesrcset", "imagesizes", and - "blocking" are only applicable once a Document is - created.

    +

    Only the as, + crossorigin, and + integrity attributes are handled as part of early + hint processing. The other ones, in particular + media, + imagesrcset, + imagesizes, and "blocking" + are only applicable once a Document is created.

  • If attribs["as"] does not @@ -14401,8 +14420,8 @@ interface HTMLLinkElement : HTMLElement { attribs["as"].

  • Let crossorigin be - attrib["crossorigin"] if - attrib["crossorigin"] + attribs["crossorigin"] if + attribs["crossorigin"] exists, or the empty string otherwise.

  • If destination is not a @@ -14420,10 +14439,10 @@ interface HTMLLinkElement : HTMLElement { policy container to earlyPolicyContainer.

    • -

  • If attrib["integrity"] +

  • If attribs["integrity"] exists, then set earlyRequest's integrity metadata to - attrib["integrity"].

    • + attribs["integrity"].

  • Let unsafeEndTime be 0.

    • @@ -26040,7 +26059,7 @@ document.body.appendChild(wbr);

  • Otherwise, set response to a network error.

    • -

  • Call processResponse with response

    +

  • Call processResponse with response.

    To create a preload key for a request @@ -88868,8 +88887,8 @@ interface Location { // but see also fetch request, with - processEarlyHintsResponse set to the following step given a - response earlyResponse: If + processEarlyHintsResponse set to the following step + given a response earlyResponse: If uncommittedPreloads is null, then set uncommittedPreloads to the result of processing early hint headers given earlyResponse and request's From ce22dcaf804135c7510f88424bce112e4b02fd3f Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Mon, 4 Apr 2022 19:31:50 +0300 Subject: [PATCH 10/13] Add explanation and examples for early hints --- source | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 59 insertions(+), 9 deletions(-) diff --git a/source b/source index a7c2d64c2b8..81a2653758c 100644 --- a/source +++ b/source @@ -14341,21 +14341,68 @@ interface HTMLLinkElement : HTMLElement {

  • Return links.

    • -
    Early Hint Headers
    +
    Early Hints
    -

    Early hint headers allow user-agents to perform some operations, such as speculative loading - resources that are likely to be used by the document, before the navigation request is fully +

    Early hints allow user-agents to perform some operations, such as to speculatively + load resources that are likely to be used by the document, before the navigation request is fully handled by the server and a response code is served. Servers can indicate early hints by serving a response with a 103 status code before serving the final response.

    +
    +

    For example, given the following sequence of responses:

    + 
    +    103 Early Hint
+    Link: </image.png>; rel=preload; as=image
+
    + + 
    +    200 OK
+    Content-Type: text/html
+
+    <!DOCTYPE html>
+    ...
+    <img src="/image.png">
+
    + +

    the image will start loading before the HTML content arrives.

    +
    +

    Only the first early hint response served during the navigation is handled, and it - is discarded if it is succeeded by a cross-origin redirect. In addition to the early hint, the 103 - response may also contain a Content Security Policy header, which is enforced when - processing the early hints.

    + is discarded if it is succeeded by a cross-origin redirect. In addition to the early hint, it is + possbile that the 103 response contains a Content Security Policy header, which is + enforced when processing the early hints.

    + +
    +

    For example, given the following sequence of responses:

    + 
    +    103 Early Hint
+    Content-Security-Policy: style-src: self;
+    Link: </style.css>; rel=preload; as=style
+
    + + 
    +    103 Early Hint
+    Link: </image.png>; rel=preload; as=image
+
    + + 
    +    302 Redirect
+    Location: /alternate.html
+
    + + 
    +    200 OK
+    Content-Security-Policy: style-src: none;
+    Link: </font.ttf>; rel=prelad; as=font
+
    + +

    The font and style would be loaded, and the image will be discarded, as only the first early hint + response in the final redirect chain is respected. The late Content Security Policy + header comes after the request to fetch the style has already been performed, but the style will + not be accessible to the document.

    +
    -

    -

    To process early hint headers given a response response and an @@ -88829,7 +88876,7 @@ interface Location { // but see also Preloaded links from early hint +

    Preloaded links from early hint headers remain in the preload cache after a same origin redirect, but get discarded when the redirect is cross-origin.

    @@ -127512,6 +127559,9 @@ INSERT INTERFACES HERE
    [RFC7578]
    Returning Values from Forms: multipart/form-data, L. Masinter. IETF.
    +
    [RFC8297]
    +
    An HTTP Status Code for Indicating Hints, K. Oku. IETF.
    +
    [SCREENORIENTATION]
    Screen Orientation API, M. Lamouri, M. Cáceres. W3C.
    From 5050cf527dc4da8ce0c0c97c86c14ed4e19987c6 Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Thu, 14 Apr 2022 09:39:40 +0300 Subject: [PATCH 11/13] Fix a few CR nits --- source | 186 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 90 insertions(+), 96 deletions(-) diff --git a/source b/source index 81a2653758c..60991bd85c9 100644 --- a/source +++ b/source @@ -14341,7 +14341,67 @@ interface HTMLLinkElement : HTMLElement {

  • Return links.

    • -
    Early Hints
    +

    To process link headers given a Document doc, + a response response, and a + "pre-media" or "media" phase:

    + +
      +

    1. Let links be the result of + extracting links from response's + header list.

      2. + +
    2. +

      For each linkObject in links:

      + +
        +

      1. Let attribs be + linkObject["target_attributes"].

        2. + +

      2. Let expectedPhase be "media" if either "srcset", "imagesrcset", or "media" exist in + attribs; otherwise false.

        3. + +

      3. If expectedPhase is not phase, then + continue.

        4. + +

      4. If attribs includes "media" and + attribs["media"] does not match the environment, then + continue.

        5. + +

      5. Let element be the result of creating an + element given doc, link, and the HTML + namespace.

        6. + +

      6. Set an attribute value for + element using "href" and + linkObject["target_uri"].

        7. + +

      7. Set an attribute value for + element using "rel" and + linkObject["relation_type"].

        8. + +

      8. For each entry in attribs: if + entry[0] is "as", "type", "crossorigin", "imagesizes", "blocking", "integrity", "imagesrcset", or "media", then set an attribute value for + element using entry[0] and entry[1].

        9. + +

      9. Fetch and process + el.

        10. +
      +
      3. +
    + +
    Early Hints

    Early hints allow user-agents to perform some operations, such as to speculatively load resources that are likely to be used by the document, before the navigation request is fully @@ -14351,51 +14411,45 @@ interface HTMLLinkElement : HTMLElement {

    For example, given the following sequence of responses:

    - 
    -    103 Early Hint
-    Link: </image.png>; rel=preload; as=image
-
    + 
    103 Early Hint
+Link: </image.png>; rel=preload; as=image
    - 
    -    200 OK
-    Content-Type: text/html
+   
    200 OK
+Content-Type: text/html
 
-    <!DOCTYPE html>
-    ...
-    <img src="/image.png">
-   
    
+<!DOCTYPE html>
+...
+<img src="/image.png">

    the image will start loading before the HTML content arrives.

    Only the first early hint response served during the navigation is handled, and it - is discarded if it is succeeded by a cross-origin redirect. In addition to the early hint, it is - possbile that the 103 response contains a Content Security Policy header, which is - enforced when processing the early hints.

    + is discarded if it is succeeded by a cross-origin redirect.

    + +

    In addition to the `Link` headers, it is possible that the 103 + response contains a Content Security Policy header, which is enforced when processing + the early hint.

    For example, given the following sequence of responses:

    - 
    -    103 Early Hint
-    Content-Security-Policy: style-src: self;
-    Link: </style.css>; rel=preload; as=style
-
    - - 
    -    103 Early Hint
-    Link: </image.png>; rel=preload; as=image
-
    - - 
    -    302 Redirect
-    Location: /alternate.html
-
    - - 
    -    200 OK
-    Content-Security-Policy: style-src: none;
-    Link: </font.ttf>; rel=prelad; as=font
-
    + 
    103 Early Hint
+Content-Security-Policy: style-src: self;
+Link: </style.css>; rel=preload; as=style
    + + 
    103 Early Hint
+Link: </image.png>; rel=preload; as=image
    + + 
    302 Redirect
+Location: /alternate.html
    + + 
    200 OK
+Content-Security-Policy: style-src: none;
+Link: </font.ttf>; rel=preload; as=font

    The font and style would be loaded, and the image will be discarded, as only the first early hint response in the final redirect chain is respected. The late Content Security Policy @@ -14553,66 +14607,6 @@ interface HTMLLinkElement : HTMLElement {

  • Return uncommittedPreloads.

    • -

    To process link headers given a Document doc, - a response response, and a - "pre-media" or "media" phase:

    - -
      -

    1. Let links be the result of - extracting links from response's - header list.

      2. - -
    2. -

      For each linkObject in links:

      - -
        -

      1. Let attribs be - linkObject["target_attributes"].

        2. - -

      2. Let expectedPhase be "media" if either "srcset", "imagesrcset", or "media" exist in - attribs; otherwise false.

        3. - -

      3. If expectedPhase is not phase, then - continue.

        4. - -

      4. If attribs includes "media" and - attribs["media"] does not match the environment, then - continue.

        5. - -

      5. Let element be the result of creating an - element given doc, link, and the HTML - namespace.

        6. - -

      6. Set an attribute value for - element using "href" and - linkObject["target_uri"].

        7. - -

      7. Set an attribute value for - element using "rel" and - linkObject["relation_type"].

        8. - -

      8. For each entry in attribs: if - entry[0] is "as", "type", "crossorigin", "imagesizes", "blocking", "integrity", "imagesrcset", or "media", then set an attribute value for - element using entry[0] and entry[1].

        9. - -

      9. Fetch and process - el.

        10. -
      -
      3. -
    -
    Providing users with a means to follow hyperlinks created using the link From 48cb73bbe0e5e4c8e3dfb67b902ff0011555409e Mon Sep 17 00:00:00 2001 From: Domenic Denicola Date: Thu, 14 Apr 2022 11:26:12 -0400 Subject: [PATCH 12/13] Minor fixes Notably fixing "otherwise false" to be "otherwise 'pre-media'", and linking attributes. Otherwise mostly rewrapping. --- source | 198 +++++++++++++++++++++++++++------------------------------ 1 file changed, 95 insertions(+), 103 deletions(-) diff --git a/source b/source index 60991bd85c9..2d389e7f2d1 100644 --- a/source +++ b/source @@ -14361,14 +14361,14 @@ interface HTMLLinkElement : HTMLElement { data-x="attr-img-srcset">srcset", "imagesrcset", or "media" exist in - attribs; otherwise false.

    + attribs; otherwise "pre-media".

  • If expectedPhase is not phase, then continue.

    • -

  • If attribs includes "media" and - attribs["media"] does not match the environment, then +

  • If attribs["media"] exists and attribs["media"] + does not match the environment, then continue.

  • Let element be the result of creating an @@ -14401,7 +14401,7 @@ interface HTMLLinkElement : HTMLElement {

    • -
    Early Hints
    +
    Early hints

    Early hints allow user-agents to perform some operations, such as to speculatively load resources that are likely to be used by the document, before the navigation request is fully @@ -14451,99 +14451,96 @@ Content-Security-Policy: style-src: none; Link: </font.ttf>; rel=preload; as=font -

    The font and style would be loaded, and the image will be discarded, as only the first early hint - response in the final redirect chain is respected. The late Content Security Policy - header comes after the request to fetch the style has already been performed, but the style will - not be accessible to the document.

    +

    The font and style would be loaded, and the image will be discarded, as only the first early + hint response in the final redirect chain is respected. The late Content Security + Policy header comes after the request to fetch the style has already been performed, but + the style will not be accessible to the document.

    -

    To process early hint headers given a - response response and an - environment reservedEnvironment:

    +

    To process early hint headers given a response response and an environment + reservedEnvironment:

    Early-hint `Link` headers are always processed - before `Link` headers from the final - response, followed by link elements. This - is equivalent to prepending the contents of the early and final - `Link` headers to the Document's - head element, in respective order.

    + before `Link` headers from the final response, followed by link elements. This is + equivalent to prepending the contents of the early and final `Link` headers to the Document's head element, + in respective order.

    1. -

      Let earlyPolicyContainer be the result of creating a policy container from a - fetch response given response and reservedEnvironment.

      +

      Let earlyPolicyContainer be the result of creating a policy container from + a fetch response given response and reservedEnvironment.

      This allows the early hint response to - include a Content Security Policy which would be - enforced when fetching the early hint - request.

      + include a Content Security Policy which would be enforced when fetching the early hint request.

      2. -

    2. Let links be the result of - extracting links from - response's header list.

      3. +

    3. Let links be the result of extracting links from response's header list.

    4. Let uncommittedPreloads be an empty list.

    5. For each linkObject in links:

      -

      The moment we receive the early hint link header, we begin - fetching earlyRequest. If it comes back before - the Document is created, we set earlyResponse to the - response of that - fetch and once the Document is created we - commit it (by making it available in the map of preloaded resources as if it was a - link element). If the Document is created first, the - response is committed as soon as it becomes - available.

      +

      The moment we receive the early hint link header, we begin fetching earlyRequest. If it comes back before the + Document is created, we set earlyResponse to the response of that fetch and + once the Document is created we commit it (by making it available in the map + of preloaded resources as if it was a link element). If the + Document is created first, the response is + committed as soon as it becomes available.

      1. -

        Let attribs be - linkObject["target_attributes"].

        - -

        Only the as, - crossorigin, and - integrity attributes are handled as part of early - hint processing. The other ones, in particular - media, - imagesrcset, - imagesizes, and "blocking" - are only applicable once a Document is created.

        +

        Let attribs be linkObject["target_attributes"].

        + +

        Only the as, crossorigin, and integrity attributes are handled as part of early hint + processing. The other ones, in particular media, imagesrcset, imagesizes, and "blocking" are + only applicable once a Document is created.

        2. -

      2. If attribs["as"] does not - exist, continue.

        3. +

      3. If attribs["as"] does not exist, then continue.

        4. -

      4. Let destination be - attribs["as"].

        5. +

      5. Let destination be attribs["as"].

        6. -

      6. Let crossorigin be - attribs["crossorigin"] if - attribs["crossorigin"] - exists, or the empty string otherwise.

        7. +

      7. Let crossorigin be attribs["crossorigin"] if attribs["crossorigin"] exists, + or the empty string otherwise.

        8. -

      8. If destination is not a - destination, continue.

        9. +

      9. If destination is not a destination, continue.

      10. Let url be the result of parsing linkObject["target_uri"] relative to response's URL.

        11. -

      11. Let earlyRequest be the result of - creating a potential-CORS request given - url, destination, and crossorigin.

        12. +

      12. Let earlyRequest be the result of creating a potential-CORS request given url, + destination, and crossorigin.

        13. -

      13. Set earlyRequest's - policy container to - earlyPolicyContainer.

        14. +

      14. Set earlyRequest's policy + container to earlyPolicyContainer.

        15. -

      15. If attribs["integrity"] - exists, then set earlyRequest's - integrity metadata to - attribs["integrity"].

        16. +

      16. If attribs["integrity"] exists, then set earlyRequest's integrity metadata to + attribs["integrity"].

      17. Let unsafeEndTime be 0.

        18. @@ -14557,38 +14554,35 @@ data-x="rel-preload">preload; as=font< document to uncommittedPreloads:

          -

        1. Let entry be new preload entry whose - response.

          2. +

        2. Let entry be new preload entry whose response.

        3. -

          Let respond be the following steps given - response response:

          +

          Let respond be the following steps given response response:

            -

          1. Finalize and report timing given - response, document's relevant global object, - "early-hint", and unsafeEndTime.

            2. +

          2. Finalize and report timing given response, + document's relevant global object, "early-hint", and unsafeEndTime.

          3. If entry's on response - available is null, then set entry's - response to response; otherwise call - entry's - on response available given + available is null, then set entry's response to response; otherwise call entry's on response available given response.

          -

        4. Let preloadedResources be document's - map of preloaded resources.

          5. +

        5. Let preloadedResources be document's map of preloaded + resources.

          6. -

        6. Let key be the result of - creating a preload key given - earlyRequest.

          7. +

        7. Let key be the result of creating a + preload key given earlyRequest.

          8. -

        8. If preloadedResources[key] - exists, then set - preloadedResources[key]'s - response to response; otherwise, - set preloadedResources[key] to a new +

        9. If preloadedResources[key] exists, then set preloadedResources[key]'s response to response; otherwise, set preloadedResources[key] to a new preload entry whose response is response.

        @@ -26076,12 +26070,11 @@ document.body.appendChild(wbr);

      To preload a resource given a request - request and processResponse, which is an algorithm accepting a - response: - fetch request, with processResponseConsumeBody set to the following steps - given response response and null or byte - sequence bytesOrNull:

      + request and processResponse, which is an algorithm accepting a response: fetch + request, with processResponseConsumeBody + set to the following steps given response + response and null or byte sequence bytesOrNull:

      1. @@ -26091,11 +26084,11 @@ document.body.appendChild(wbr);

        By using processResponseConsumeBody, we have extracted the entire body. This is necessary to ensure the preloader loads - the entire body from the network, regardless of whether the preload will be consumed (which - is uncertain at this point). This step then resets the request's body to a new body - containing the same bytes, so that other specifications can read from it at the time of - actual consumption, despite us having already done so once.

        + data-x="concept-response-body">body. This is necessary to ensure the preloader loads the + entire body from the network, regardless of whether the preload will be consumed (which is + uncertain at this point). This step then resets the request's body to a new body containing the + same bytes, so that other specifications can read from it at the time of actual consumption, + despite us having already done so once.

      2. Otherwise, set response to a network error.

        3. @@ -26149,9 +26142,8 @@ document.body.appendChild(wbr);
      6. -

    6. Let preloadKey be the result of - creating a preload key given - request.

      7. +

    7. Let preloadKey be the result of creating a + preload key given request.

    8. Let preloadEntry be a new preload entry.

      9. @@ -26175,6 +26167,7 @@ document.body.appendChild(wbr);

    9. Otherwise, call preloadEntry's on response available with response.

      10. +

    10. Fire an event named load at el.

      11. @@ -89674,9 +89667,8 @@ interface Location { // but see also For each commitEarlyPreload in - navigationParams's - uncommitted preloads, - call commitEarlyPreload given document.

      + navigationParams's uncommitted + preloads, call commitEarlyPreload given document.

    11. Process link headers given document, navigationParams's response, and From 7657f5c4737585c525c3d00749477a3f574326a1 Mon Sep 17 00:00:00 2001 From: Domenic Denicola Date: Thu, 14 Apr 2022 11:28:00 -0400 Subject: [PATCH 13/13] Missing /li --- source | 1 + 1 file changed, 1 insertion(+) diff --git a/source b/source index 2d389e7f2d1..f082fef67d9 100644 --- a/source +++ b/source @@ -14572,6 +14572,7 @@ data-x="rel-preload">preload; as=font< data-x="preload on response available">on response available given response.

    +

  • Let preloadedResources be document's map of preloaded resources.