Support nonce & referrer-policy in preload & link headers#7961
Support nonce & referrer-policy in preload & link headers#7961domenic merged 6 commits intowhatwg:mainfrom
Conversation
In preparation for supporting [modulepreload](whatwg#7862) in link headers. - Parse `referrerpolicy` from link headers - Add referrer policy and nonce to link processing optinos
noamr
changed the title
domenic
left a comment
domenic
left a comment
There was a problem hiding this comment.
This seems like a great idea to me. Maybe @domfarolino could comment with Chromium implementer interest?
Is there a need to include any of these in the preload key? Referrer policy especially seems potentially worthwhile... although perhaps tricky, because the current behavior is to just not require a match, so there might be a compat issue in starting to require a match?
I wouldn't suggest requiring a match for referrer policy. It's tricky in many ways. A mismatch in referrer policy could still be a match in referrer, and a match in referrer policy can still be a mismatch in referrer (e.g. a font will have the containing style as referrer) Either way, I wanted first to align link headers with link elements, and perhaps we can discuss changing the preload matching mechanism in a subsequent issue? |
That seems reasonable, as long as we have tests showing that both link elements and link headers allow such mismatches. |
I modified web-platform-tests/wpt#34245 to test this. |
|
So right now it seems like attribute processing is split across a few places:
This seems bad? As far as I can tell this means we're using different codepaths for preconnect/preload ("create link options from element") vs. everything else ("create a link element request"). "Everything else" notably includes stylesheet, manifest, and modulepreload, although in theory any of the external resource links might be fetched by browsers. I think at the very least "create link options from element" needs to include referrerpolicy, right? Further unification would probably require using "create link options from element" for everything else, which I guess we should not do at this point. But it does indicate the name "link processing options" might be overly-broad since it only applies to preconnect/preload. |
It's temporarily inconsistent (aka "bad").
Right, it's a missing part that should go into this patch,
If we decide to support further rels in link headers they would probably use the same struct. Not sure how else to call it |
|
Yeah, I guess we'll leave any further clarification/renaming until at least #7890. |
domenic
left a comment
domenic
left a comment
There was a problem hiding this comment.
LGTM, including tests. This seems like it should be quite reasonable but I'd still love some confirmation from Chromium or WebKit before merging, in case there's some opposition. Let's try asking @yoavweiss in addition to @domfarolino, for Chromium...
|
Seems like nonce is already implemented and passing the tests. I can take on adding the ReferrerPolicy bits, if no one else does. /cc @yutakahirano |
|
Back from vacation today. Yoav, feel free to take the referrer policy bits, otherwise I'm happy to do it if you do not have time. |
This CL adds `referrerpolicy` support to Link header preloads, and fixes the related tests. PR: whatwg/html#7961 Bug: i1330073 Change-Id: I0deb4afd6c77a2d766da8e706211195d6840b3a1
This CL adds `referrerpolicy` support to Link header preloads, and fixes the related tests. PR: whatwg/html#7961 Bug: i1330073 Change-Id: I0deb4afd6c77a2d766da8e706211195d6840b3a1
This CL adds `referrerpolicy` support to Link header preloads, and fixes the related tests. PR: whatwg/html#7961 Bug: 1330073 Change-Id: I0deb4afd6c77a2d766da8e706211195d6840b3a1
This CL adds `referrerpolicy` support to Link header preloads, and fixes the related tests. PR: whatwg/html#7961 Bug: 1330073 Change-Id: I0deb4afd6c77a2d766da8e706211195d6840b3a1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3698081 Reviewed-by: Yutaka Hirano <[email protected]> Commit-Queue: Yoav Weiss <[email protected]> Cr-Commit-Position: refs/heads/main@{#1013370}
This CL adds `referrerpolicy` support to Link header preloads, and fixes the related tests. PR: whatwg/html#7961 Bug: 1330073 Change-Id: I0deb4afd6c77a2d766da8e706211195d6840b3a1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3698081 Reviewed-by: Yutaka Hirano <[email protected]> Commit-Queue: Yoav Weiss <[email protected]> Cr-Commit-Position: refs/heads/main@{#1013370}
This CL adds `referrerpolicy` support to Link header preloads, and fixes the related tests. PR: whatwg/html#7961 Bug: 1330073 Change-Id: I0deb4afd6c77a2d766da8e706211195d6840b3a1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3698081 Reviewed-by: Yutaka Hirano <[email protected]> Commit-Queue: Yoav Weiss <[email protected]> Cr-Commit-Position: refs/heads/main@{#1013370}
…rt, a=testonly Automatic update from web-platform-tests Preload Link header referrerpolicy support This CL adds `referrerpolicy` support to Link header preloads, and fixes the related tests. PR: whatwg/html#7961 Bug: 1330073 Change-Id: I0deb4afd6c77a2d766da8e706211195d6840b3a1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3698081 Reviewed-by: Yutaka Hirano <[email protected]> Commit-Queue: Yoav Weiss <[email protected]> Cr-Commit-Position: refs/heads/main@{#1013370} -- wpt-commits: 2d82c9ff94b451881ad3e3f5bc9b03d6b62719e8 wpt-pr: 34365
…rt, a=testonly Automatic update from web-platform-tests Preload Link header referrerpolicy support This CL adds `referrerpolicy` support to Link header preloads, and fixes the related tests. PR: whatwg/html#7961 Bug: 1330073 Change-Id: I0deb4afd6c77a2d766da8e706211195d6840b3a1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3698081 Reviewed-by: Yutaka Hirano <[email protected]> Commit-Queue: Yoav Weiss <[email protected]> Cr-Commit-Position: refs/heads/main@{#1013370} -- wpt-commits: 2d82c9ff94b451881ad3e3f5bc9b03d6b62719e8 wpt-pr: 34365
https://bugs.webkit.org/show_bug.cgi?id=241059 <rdar://94384756> Reviewed by Darin Adler. Added support for referrer-policy in link headers. whatwg/html#7961 * Source/WebCore/loader/LinkHeader.cpp: (WebCore::paramterNameFromString): (WebCore::LinkHeader::setValue): * Source/WebCore/loader/LinkHeader.h: (WebCore::LinkHeader::referrerPolicy const): * Source/WebCore/loader/LinkLoader.cpp: (WebCore::LinkLoader::loadLinksFromHeader): * LayoutTests/imported/w3c/web-platform-tests/preload/preload-referrer-policy-expected.txt: Added. * LayoutTests/imported/w3c/web-platform-tests/preload/preload-referrer-policy.html: Added. * LayoutTests/imported/w3c/web-platform-tests/preload/resources/echo-referrer.py: Added. (main): * LayoutTests/imported/w3c/web-platform-tests/preload/resources/link-header-referrer-policy.html: Added. * LayoutTests/imported/w3c/web-platform-tests/preload/resources/link-header-referrer-policy.py: Added. (main): Canonical link: https://commits.webkit.org/255354@main
…rt, a=testonly Automatic update from web-platform-tests Preload Link header referrerpolicy support This CL adds `referrerpolicy` support to Link header preloads, and fixes the related tests. PR: whatwg/html#7961 Bug: 1330073 Change-Id: I0deb4afd6c77a2d766da8e706211195d6840b3a1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3698081 Reviewed-by: Yutaka Hirano <[email protected]> Commit-Queue: Yoav Weiss <[email protected]> Cr-Commit-Position: refs/heads/main@{#1013370} -- wpt-commits: 2d82c9ff94b451881ad3e3f5bc9b03d6b62719e8 wpt-pr: 34365
4 participants
In preparation for supporting modulepreload in link headers.
referrerpolicyfrom link headers(See WHATWG Working Mode: Changes for more details.)
/links.html ( diff )
/semantics.html ( diff )