Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider dropping default boolean headers. #19

Closed
mikewest opened this issue Mar 14, 2019 · 4 comments
Closed

Consider dropping default boolean headers. #19

mikewest opened this issue Mar 14, 2019 · 4 comments

Comments

@mikewest
Copy link
Member

Requests will generally contain Sec-Fetch-User: ?F, which doesn't provide much value. Perhaps we can save some bandwidth by only sending boolean headers when they're interesting?

(As discussed in #18 (comment))
@mikewest
Copy link
Member Author

@arturjanc, @yoavweiss: If we omit the header rather than sending an explicit ?F, does Vary: Sec-Fetch-User, well, vary?

@yoavweiss
Copy link

My reading of RFC 7234 is that a request with a non-empty Sec-Fetch-User will vary from a request with an empty or non-existant Sec-Fetch-User.

A quick glance at the relevant Chromium code also suggests that it will vary, as it seems to calculate the MD5 hash of the request value, even if that value is the empty string.

@arturjanc
Copy link
Contributor

I did some quick testing and my observations agree with @yoavweiss's comment above: see the Vary: width tests at https://www.arturjanc.com/vary-check/index.html

Basically, when the server sends a Vary with a header name that is present in one request but not another, the browser doesn't return the cached result. I believe that's what we want.

@mikewest
Copy link
Member Author

I'm dropping Sec-Fetch-User when it's false. If that turns out to be a terrible idea, we can add it back in later. :)

chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this issue Mar 29, 2019
@mikewest @chromium-wpt-export-bot
Send Sec-Fetch-User only for user-activated, navigational requests.
3d2b510 
As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Merged
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this issue Mar 29, 2019
@mikewest @chromium-wpt-export-bot
Send Sec-Fetch-User only for user-activated, navigational requests.
6b9646b 
As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this issue Mar 29, 2019
@mikewest @chromium-wpt-export-bot
Send Sec-Fetch-User only for user-activated, navigational requests.
0bd0834 
As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this issue Mar 30, 2019
@mikewest @chromium-wpt-export-bot
Send Sec-Fetch-User only for user-activated, navigational requests.
39f4978 
As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1545871
Reviewed-by: Alex Moshchuk <[email protected]>
Commit-Queue: Mike West <[email protected]>
Cr-Commit-Position: refs/heads/master@{#646086}
aarongable pushed a commit to chromium/chromium that referenced this issue Mar 30, 2019
@mikewest
Send Sec-Fetch-User only for user-activated, navigational requests.
d05a9ee 
As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1545871
Reviewed-by: Alex Moshchuk <[email protected]>
Commit-Queue: Mike West <[email protected]>
Cr-Commit-Position: refs/heads/master@{#646086}
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this issue Mar 30, 2019
@mikewest @chromium-wpt-export-bot
Send Sec-Fetch-User only for user-activated, navigational requests.
b93752a 
As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1545871
Reviewed-by: Alex Moshchuk <[email protected]>
Commit-Queue: Mike West <[email protected]>
Cr-Commit-Position: refs/heads/master@{#646086}
moz-v2v-gh pushed a commit to mozilla/gecko-dev that referenced this issue May 3, 2019
@mikewest @jgraham
Bug 1541670 [wpt PR 16148] - Send Sec-Fetch-User only for user-acti…
5d97d5b 
…vated, navigational requests., a=testonly

Automatic update from web-platform-tests
Send `Sec-Fetch-User` only for user-activated, navigational requests.

As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1545871
Reviewed-by: Alex Moshchuk <[email protected]>
Commit-Queue: Mike West <[email protected]>
Cr-Commit-Position: refs/heads/master@{#646086}

--

wpt-commits: b93752a06f9498f774aed288663259cd738f1a7c
wpt-pr: 16148
mykmelez pushed a commit to mykmelez/gecko that referenced this issue May 6, 2019
@mikewest @jgraham
Bug 1541670 [wpt PR 16148] - Send Sec-Fetch-User only for user-acti…
c4c38eb 
…vated, navigational requests., a=testonly

Automatic update from web-platform-tests
Send `Sec-Fetch-User` only for user-activated, navigational requests.

As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1545871
Reviewed-by: Alex Moshchuk <[email protected]>
Commit-Queue: Mike West <[email protected]>
Cr-Commit-Position: refs/heads/master@{#646086}

--

wpt-commits: b93752a06f9498f774aed288663259cd738f1a7c
wpt-pr: 16148
marcoscaceres pushed a commit to web-platform-tests/wpt that referenced this issue Jul 23, 2019
@mikewest
Send Sec-Fetch-User only for user-activated, navigational requests.
ecb5b9c 
As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1545871
Reviewed-by: Alex Moshchuk <[email protected]>
Commit-Queue: Mike West <[email protected]>
Cr-Commit-Position: refs/heads/master@{#646086}
gecko-dev-updater pushed a commit to marco-c/gecko-dev-comments-removed that referenced this issue Oct 4, 2019
@marco-c
Bug 1541670 [wpt PR 16148] - Send Sec-Fetch-User only for user-acti…
44dea8d 
…vated, navigational requests., a=testonly

Automatic update from web-platform-tests
Send `Sec-Fetch-User` only for user-activated, navigational requests.

As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1545871
Reviewed-by: Alex Moshchuk <alexmoschromium.org>
Commit-Queue: Mike West <mkwstchromium.org>
Cr-Commit-Position: refs/heads/master{#646086}

--

wpt-commits: b93752a06f9498f774aed288663259cd738f1a7c
wpt-pr: 16148

UltraBlame original commit: 595f9f3aa36e9e4e5c8f120d7349c2965613814d
gecko-dev-updater pushed a commit to marco-c/gecko-dev-wordified that referenced this issue Oct 4, 2019
@marco-c
Bug 1541670 [wpt PR 16148] - Send Sec-Fetch-User only for user-acti…
4fc6e10 
…vated, navigational requests., a=testonly

Automatic update from web-platform-tests
Send `Sec-Fetch-User` only for user-activated, navigational requests.

As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1545871
Reviewed-by: Alex Moshchuk <alexmoschromium.org>
Commit-Queue: Mike West <mkwstchromium.org>
Cr-Commit-Position: refs/heads/master{#646086}

--

wpt-commits: b93752a06f9498f774aed288663259cd738f1a7c
wpt-pr: 16148

UltraBlame original commit: 595f9f3aa36e9e4e5c8f120d7349c2965613814d
gecko-dev-updater pushed a commit to marco-c/gecko-dev-wordified-and-comments-removed that referenced this issue Oct 4, 2019
@marco-c
Bug 1541670 [wpt PR 16148] - Send Sec-Fetch-User only for user-acti…
7226451 
…vated, navigational requests., a=testonly

Automatic update from web-platform-tests
Send `Sec-Fetch-User` only for user-activated, navigational requests.

As per the conversation in w3c/webappsec-fetch-metadata#23 and
w3c/webappsec-fetch-metadata#19, this patch drops the `Sec-Fetch-User` header
for non-navigational requests, and for navigational requests that are
not user-activated.

Bug: 947444
Change-Id: Ica4846bda6ccf4e8bce1323803954f4fef9c18a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1545871
Reviewed-by: Alex Moshchuk <alexmoschromium.org>
Commit-Queue: Mike West <mkwstchromium.org>
Cr-Commit-Position: refs/heads/master{#646086}

--

wpt-commits: b93752a06f9498f774aed288663259cd738f1a7c
wpt-pr: 16148

UltraBlame original commit: 595f9f3aa36e9e4e5c8f120d7349c2965613814d
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mikewest @arturjanc @yoavweiss