search

WebKit / standards-positions

WebKit's positions on emerging web specifications
https://webkit.org/standards-positions/
251 stars 21 forks source link

ResourceTiming - deliveryType #204

Open jeremyroman opened 1 year ago

jeremyroman commented 1 year ago

WebKittens

@achristensen07, @annevk

Title of the spec

ResourceTiming - deliveryType

URL to the spec

https://w3c.github.io/resource-timing/#dom-performanceresourcetiming-deliverytype

URL to the spec's repository

https://github.com/w3c/resource-timing

Issue Tracker URL

No response

Explainer URL

https://gist.github.com/jeremyroman/43f8f290f1f404d3b7f6cb708601c7f0

TAG Design Review URL

https://github.com/w3ctag/design-reviews/issues/858

Mozilla standards-positions issue URL

https://github.com/mozilla/standards-positions/issues/824

WebKit Bugzilla URL

No response

Radar URL

No response

Description

The Resource Timing text currently only covers "" and "cache".

Chromium also implements "navigational-prefetch" as part of https://wicg.github.io/nav-speculation/prefetch.html (currently behind a flag). some of that work might be covered by https://github.com/WebKit/standards-positions/issues/54.

annevk commented 1 year ago

The security questionnaire suggests Timing-Allow-Origin applies, but generally that's not a good fit for navigations. How exactly does it end up applying? Consider that a variety of origins might have initiated the navigation, which could all be different from the parent frame origin, etc.

(I thought of raising this as an issue, but it's not clear where.)

jeremyroman commented 1 year ago

For navigations, the TAO check trivially succeeds (since it is tautologically same-origin to itself), as you note. Consequently, a document can always tell if it, itself, was loaded from cache or was the object of navigational prefetch.

Whether it was served from cache is already knowable due to the magic number 300 in transferSize (which is available on the navigation, since it's same-origin). Whether it was served from a navigational prefetch isn't directly expressed yet, but might be inferred from the very small timestamps available (again, since documents can observe their own timing), or the pace of elements being added by the parser, or various other ways the document can observe its own loading. Nonetheless, authors benefit from a more ergonomic way to determine this.

For other resources, the ability to distinguish between "" and "cache" (i.e., to tell if a cross-origin subresource was cached) is limited by Timing-Allow-Origin, in the same way as transferSize.