Closed jkarlin closed 7 years ago
We did discuss the use case of limiting number of consumed bytes — e.g. at most X KB of Javascript — regardless of where they come from (cache or network), which is why we went with "content size".. I'm OK with excluding that use case if we think it's orthogonal and better tackled elsewhere, but want to make sure that we're all on the same page. If memory serves, I think Ojan was interested in this angle.
If we do scope it down.. "Network Policy" is very broad, which may be a good thing, if we want to expand what it controls in the future? Alternatively, perhaps "download policy" is closer to what we're tackling here?
@ojanvafai and I discussed this yesterday, he was on board.
I could imagine having a max upload and max download in the end, but starting with max download. What other network policies can we imagine that might fit in here in the future? All resources must use QUIC? Only allow the given certificate?
FWIW, QUIC is not policy material.. I doubt you want pages to fail if UDP can't go through. Certificates are already handled by pinning, and not something we should venture into here?
Upload is more interesting and I can see some rationale for that. Although, arguably the user is in control there.. unless the site is doing some malicious, so perhaps that's redundant? I'm a bit worried by "Network" being too broad.
Network Usage Policy? Network Size Policy?
It might be useful to have the broader name. It's unclear to me. We should get feedback from @ojanvafai and others.
It's unclear to me too. I don't feel strongly.
Another alternative would be DataSizePolicy to match the Save-Data header.
NetworkDataSizePolicy? /me ducks :)
Transfer Size Policy? We expose transferSize
as part of Resource Timing API, which maps directly what we're discussing here.. I think: https://www.w3.org/TR/resource-timing-2/#dom-performanceresourcetiming-transfersize
Seems fine to me.
TSP works for me as well.
Content Size Policy conflates responses from the network and responses from cache/cachestorage/indexeddb/etc. These are really separate resources (network and storage) and can be treated individually with their own policies. Sites are likely are more interested in network policy (as network bytes cost users money and bandwidth is often severely constrained) than storage policy (in fact, we want to encourage cache usage), so I propose that we rename this repo to network policy and consider a storage policy down the road.
What do you think? If it doesn't make sense to rename this repo and we want to leave the original content size policy here, I can start a new repo.