Re: [whatwg/fetch] Getting all bytes in a body (#661) from Domenic Denicola on 2021-02-16 (public-webapps-github@w3.org from February 2021)

From: Domenic Denicola <notifications@github.com>
Date: Tue, 16 Feb 2021 08:04:47 -0800
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/661/779935836@github.com>

> As far as I can tell we need two operations here and both would make the overall setup more verbose...

Hmm. Yeah, I think this is unavoidable. In particular, the typical flow even for simple cases like fetching scripts or for `<link>` is going to be something like

1. Setup _request_.
1. Fetch _request_, with _processResponse_ set to the following steps given _response_:
    1. If _response_'s type is "error", or _response_'s status is not an ok status, then do some failure thing and abort these steps.
    1. Read _response_'s body, with _processBody_ set to the following steps given _body_:
        1. Do something with the byte sequence _body_.
       and _processError_ set to the following steps:
        1. Do some failure thing.

Note that body-reading failure is not handled today in specs, so this is an improvement.

> The algorithms would be invoked from a parallel queue so the caller will have to use "queue a global task" as needed. We could create a wrapper that does that as well I suppose. (Maybe that's better, we add "in parallel" to the names of the algorithms above and the names above would queue tasks instead. What realm though? The current realm? The magical realm we might add for class construction and such?)

Oh, that's annoying. It would add an indentation level to the above I guess? Maybe instead we could do

> Read _response_'s body, with _global_ set to some global, _processBody_ set to the following steps given _body_:

I think we can safely assume the task source is always the networking task source. And yeah, when we have a magic global we could maybe omit the global... I should prioritize that.

> However, Fetch has "process response end-of-body" which I suppose we could remove. But Fetch also needs the entire body to be readable for integrity metadata checks. That's what https://fetch.spec.whatwg.org/#concept-body-wait is for. Should that basically tee (and wait, to avoid returning it before we know if it's safe)? Otherwise we cannot read it twice, right?

Umm, hmm. I kind of doubt implementations are making a full tee of the stream just to do integrity checking? That is:

- If you do `fetch()` with an `integrity` option, and then start reading from `res.body` as soon as it's available, I imagine either implementations don't do the integrity checking at all, or (more like the current spec) they put the entire response in memory, check the integrity, and then feed you a stream backed by memory instead of network. @ricea @yutakahirano, any insights on what we do?

- If you do `<script src="..." integrity="...">`, I imagine the integrity checking is built in to the _processBody_ steps.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/661#issuecomment-779935836

Received on Tuesday, 16 February 2021 16:05:00 UTC