- From: Deng, Pan <pan.deng@intel.com>
- Date: Mon, 1 Apr 2013 09:10:02 +0000
- To: Jatinder Mann <jmann@microsoft.com>, "public-web-perf@w3.org" <public-web-perf@w3.org>
- Message-ID: <BA467B16E3516645B35B7BB72D744DBA1076D2F8@SHSMSX102.ccr.corp.intel.com>
Retrieve this thread as it is cold. I think the proposed clarification will clear the usage for browser/web developer, and it won't change intended meaning of Resource Timing spec, any comments? :) Thanks Pan From: Deng, Pan [mailto:pan.deng@intel.com] Sent: Monday, February 04, 2013 5:12 PM To: public-web-perf@w3.org Subject: [Resource Timing]Statements about cross-origin redirect should be more clearly In Section 4.3 about 'redirectStart', 'redirectEnd', CR doc[1]says: "if any of the redirects are not from the same origin as the current document, and the Timing-Allow-Origin HTTP response header rules are met, this attribute must return ......" What is the meaning of "Timing-Allow-Origin HTTP response header rules are met"? Consider scenario: doc D req R1 -> R2 -> R3 -> R4. ( "->" : redirect, R4 is the final resource) It may imply: a), Any Ri's response timing-allowing-origin D. (apply to any Ri and doc D) b), R1's response timing-allow-origin D, R2's response timing allow R1... till R4's response timing allow R3. (apply to redirect chain) >From timing-allow-check algorithm in [2], it can be inferred that a) is the right one. However, Processing Model 3.19a of [1] says "If the current resource and the resource that is redirected to are not from the same origin, set redirectStart and redirectEnd to 0". Here redirectStart/End should be reset once there is a cross-origin redirect, without Timing-Allow-Origin consideration at all, is it a typo here? To make the spec more clearly, I suggest a small modification to avoid the inconsistency: Statement in section 4.3 can be modified to "if any of the redirects are not from the same origin as the current document, and the Timing-Allow-Origin HTTP response header rules are met by current document", and Processing Model 3.19a can be modified to "current resource and the document are not from same origin, and Timing-Allow-Origin HTTP response header rule is not met by the document, set redirectStart and redirectEnd to 0". Any idea? Thanks :) Pan [1] http://www.w3.org/TR/2012/CR-resource-timing-20120522/ [2] https://dvcs.w3.org/hg/webperf/raw-file/tip/specs/ResourceTiming/Overview.html#timing-allow-check
Received on Monday, 1 April 2013 09:11:05 UTC