vsekhar
commented
4 years ago 3P subresources have two ablation scenarios:
1) applying ablation to the subresource only 2) applying ablation to the top-level frame (analytics provider use case you mention)
Scenario 1 might apply if, for example, a comment widget provider wants to test if their widget load time affects user engagement. I can see this making sense in all cases since loading a 3P widget implicitly delegates some aspect of the page's performance to the 3P, including the authority to perform ablation studies on the widget.
Scenario 2 requires some mechanism for the top-level frame to delegate authority to apply ablation to the top level. There is also a timing issue. E.g. what happens if the subresource requests a top level ablation of FCP after FCP has already occurred? TTFB ablation would simply not be possible. So we'd need to report failed/missed/nonsensical ablations. Maybe the js API can report success or failure. I'm open to this one, but more design is needed.
I saw that the explainer indicates that "Ablation values specified when fetchin (sic) third-party subresources are ignored."
Can you expand on the reasons for that? If it's necessary for security reasons, are there other ways in which a third-party analytics provider can enable ablation for its customers? (who are not likely to modify their headers/content)
One example may be to add the meta tag dynamically in script, but from the explainer it's not clear that would work, and that might also have the negative incentive for these scripts to be render blocking, which is not great.