From 04d734b0b5ac4c1876278118aaca0326039f489d Mon Sep 17 00:00:00 2001 From: Noam Rosenthal Date: Sun, 15 Dec 2024 20:09:56 +0000 Subject: [PATCH] Update algorithm to only share quota for direct relatives --- fetch.bs | 253 +++++++++++++++++++++++++------------------------------ 1 file changed, 116 insertions(+), 137 deletions(-) diff --git a/fetch.bs b/fetch.bs index 82b41483e..122c7372d 100644 --- a/fetch.bs +++ b/fetch.bs @@ -6765,14 +6765,12 @@ sources, specifically task sources that can result in running scripts such as th fetchLater() call before running any scripts that might depend on it.
-

To queue a deferred fetch given a -request request, a null or {{DOMHighResTimeStamp}} +

To queue a deferred fetch given a request request, a +fetch group fetchGroup a null or {{DOMHighResTimeStamp}} activateAfter, an onActivatedWithoutTermination, which is an algorithm that takes no arguments:

    -
  1. Assert: request's client is a {{Document}}. -

  2. Populate request from client given request.

  3. Set request's service-workers mode to "none". @@ -6782,19 +6780,9 @@ takes no arguments:

  4. Let deferredRecord be a new deferred fetch record whose request is request. -

  5. Let topMostDirectSameOriginAncestor be request's - client. - -

  6. While topMostDirectSameOriginAncestor's node navigable's - container document is a {{Document}} whose origin is same origin - with request's client's origin, set - topMostDirectSameOriginAncestor to topMostDirectSameOriginAncestor's - node navigable's container document. -

  7. -

    Append deferredRecord to - topMostDirectSameOriginAncestor's active document's - fetch group's deferred fetch records. +

    Append deferredRecord to fetchGroup's + deferred fetch records.

    This prevents a case where eagerly creating and destroying nested documents would circumvent the keepalive quota. @@ -6873,15 +6861,15 @@ takes no arguments:

    The deferred-fetch quota is allocated to a top-level traversable (a "tab"), -amounting to 640 kibibytes. The top-level {{Document}} and its same-origin nested documents can -use this quota to queue deferred fetches, or delegate some of it to cross-origin nested documents, -using permissions policy. +amounting to 640 kibibytes. The top-level {{Document}} and its same-origin directly nested documents +can use this quota to queue deferred fetches, or delegate some of it to cross-origin nested +documents, using permissions policy.

    By default, 128 kibibytes out of these 640 kibibytes are allocated to delegating the quota to cross-origin nested documents, each reserving 8 kibibytes. -

    The top-level {{Document}}, and subsequently its nested documents, can control how much of their quota -is delegates to cross-origin/cross-agent nested documents, by using permissions policy. +

    The top-level {{Document}}, and subsequently its nested documents, can control how much of their +quota is delegates to cross-origin/cross-agent nested documents, by using permissions policy. By default, "{{PermissionsPolicy/deferred-fetch-minimal}}" is enabled for any origin, while "{{PermissionsPolicy/deferred-fetch}}" is enabled for the top-level document's origin only. By relaxing the "{{PermissionsPolicy/deferred-fetch}}" policy for particular origins and nested @@ -6940,9 +6928,8 @@ calls would succeed and the last one would throw. to https://frame.example.com, for example by serving the following header:

    Permissions-Policy: deferred-fetch=(self "https://frame.example.com")
    -

    Each nested document reserves its own quota, and all the same-origin documents in the tree share -quota with each other. So the following would work, because each frame reserve 8 kibibytes and they -share the accumulated 16 kibibytes: +

    Each nested document reserves its own quota. So the following would work, because each frame +reserve 8 kibibytes:

    
       // In cross-origin nested document at https://frame.example.com/frame-1
       fetchLater("https://a.example.com", {body: a_6kb_body});
    @@ -6961,11 +6948,15 @@ share the accumulated 16 kibibytes:
     |      | Shares quota with the top-level traversable, as they're same origin.
     |      |
     |      + ---- + https://x.example.com
    -|               Shares 16 kibibytes together with one other cross-origin nested document of the same origin.
    +|               8 kibibytes.
     |
     |
     + ---- + https://x.example.com
    -|        Shares 16 kibibytes together with one other cross-origin nested document of the same origin.
    +|        8 kibibytes.
    +|        |
    +|        + https://me.example.com
    +|          0. Even though it's same origin with the top-level traversable, it does not
    +|          automatically share its quota as they are separated by a cross-origin intermediary.
     |
     + ---- + https://ok.example.com/good
     |      | 64 kibibytes, granted via the "{{PermissionsPolicy/deferred-fetch}}" policy.
    @@ -6986,10 +6977,12 @@ descendants share a quota of 384 kibibytes. That value is computed as such:
     
    • 640 kibibytes are initially granted to the top-level traversable.

    • 128 kibibytes are reserved for the "{{PermissionsPolicy/deferred-fetch-minimal}}" policy. -

    • 64 kibibytes are reserved for the container navigating to https://ok.example/good. -

    • 64 kibibytes are reserved for the container navigating to https://ok.example/redirect, and lost when it navigates away. -

    • https://ok.example.com/back did not reserve 64 kibibytes, because it navigated back to top-level traversable's origin. -
    • 640 - 128 - 64 - 64 = 384 kibibytes. +

    • 64 kibibytes are reserved for the container navigating to + https://ok.example/good. +

    • 64 kibibytes are reserved for the container navigating to + https://ok.example/redirect, and lost when it navigates away. +

    • https://ok.example.com/back did not reserve 64 kibibytes, because it navigated + back to top-level traversable's origin.
    • 640 - 128 - 64 - 64 = 384 kibibytes.

@@ -7002,14 +6995,11 @@ descendants share a quota of 384 kibibytes. That value is computed as such: "deferred-fetch-minimal". Its default allowlist is "*". -

The optional nested document deferred-fetch quota is 64 kibibytes. -

The minimal nested document deferred-fetch quota is 8 kibibytes.

The max containers with minimal quota is 16. -

To get the available deferred-fetch quota given a {{Document}} -requestClientDocument and an origin-or-null origin: +controlDocument and an origin-or-null origin:

  1. Let quota be 0. @@ -7017,90 +7007,63 @@ descendants share a quota of 384 kibibytes. That value is computed as such:

  2. Let quotaForOrigin be 64 kibibytes.

  3. -

    For each otherNavigable of requestClientDocument's node navigable's - top-level traversable's inclusive descendant navigables: - -

    This algorithm iterates over the entire navigable tree. It accumulates quota from - the top-level traversable, and from nested documents who inherit quota. Subsequently, - it subtracts the quota delegated to cross-origin nested documents, as well as quota - spent on pending deferred fetch requests. +

    If controlDocument's node navigable is a + top-level traversable, then:

      -
    1. Let otherDocument be otherNavigable's active document. -

    2. Let otherContainer be otherNavigable's navigable container. +

    3. If controlDocument is not allowed to use the + policy-controlled feature "{{PermissionsPolicy/deferred-fetch}}", then return 0.

    4. -

      If requestClientDocument's origin is same origin with - otherDocument's origin, then: -

        -
      1. -

        If otherContainer is null, then: - -

        Accumulate the top-level traversable's initial quota. - -

          -
        1. If otherDocument is not allowed to use the - policy-controlled feature "{{PermissionsPolicy/deferred-fetch}}", then return 0. - -

        2. Assert: quota is 0. - -

        3. -

          Set quota be 640 kibibytes. -

          640kb should be enough for everyone. - -

        4. If otherDocument is allowed to use the - policy-controlled feature "{{PermissionsPolicy/deferred-fetch-minimal}}", then - decrement quota by max containers with minimal quota, multiplied by - minimal quota. -

        +

        Set quota be 640 kibibytes. +

        640kb should be enough for everyone. -

      2. -

        Otherwise, if any of the following conditions is true: - -

        - -

        then increment quota by otherContainer's - reserved deferred-fetch quota. -

        Accumulate quota granted by parent documents. - -

      3. -

        For each deferred fetch record deferredRecord of - otherDocument's fetch group's - deferred fetch records:

        +
      4. If controlDocument is allowed to use the + policy-controlled feature "{{PermissionsPolicy/deferred-fetch-minimal}}", then + decrement quota by max containers with minimal quota, multiplied by + minimal quota. +

      -

      Account for quota on deferred fetches performed by same origin clients. +

      Otherwise: -

        -
      1. Let requestLength be the total request length of - deferredRecord's request. +

          +
        1. Let container be controlDocument's node navigable's + navigable container. + +

        2. If container's reserved deferred-fetch quota is + normal quota, and controlDocument is + allowed to use the policy-controlled feature + "{{PermissionsPolicy/deferred-fetch}}", then set quota to + normal quota. + +

        3. Otherwise, if container's reserved deferred-fetch quota is + minimal quota, and controlDocument is + allowed to use the policy-controlled feature + "{{PermissionsPolicy/deferred-fetch-minimal}}", then set quota to + minimal quota. +

        -
      2. Decrement quota by requestLength. +

      3. +

        For each deferred fetch record deferredRecord of + controlDocument's fetch group's + deferred fetch records:

        -
      4. If deferredRecord's request's - URL's origin is same origin with origin, - then decrement quotaForOrigin by requestLength. -

      -
    +
      +
    1. Let requestLength be the total request length of + deferredRecord's request. -

    2. -

      If otherDocument's container document is a {{Document}} whose - origin is same origin with requestClientDocument's - origin, then decrement quota by otherContainer's - reserved deferred-fetch quota. +

    3. Decrement quota by requestLength. -

      Account for quota granted to child documents. +

    4. If deferredRecord's request's + URL's origin is same origin with origin, + then decrement quotaForOrigin by requestLength.

    +
  4. For each navigable in controlDocument's + node navigable's descendant navigables whose container document's + deferred-fetch control document is controlDocument, decrement quota by + navigable's navigable container's reserved deferred-fetch quota. +

  5. If quota is less than 0, then return 0.

  6. If quota is less than quotaForOrigin, then return quota.

  7. Return quotaForOrigin. @@ -7123,32 +7086,36 @@ shared.

    1. Set container's reserved deferred-fetch quota to 0. +

    2. Let controlDocument be container's node document's + deferred-fetch control document. +

    3. If the inherited policy for "{{PermissionsPolicy/deferred-fetch}}", container and originToNavigateTo is Enabled, and the available deferred-fetch quota for - container's container document is equal or greater than + controlDocument is equal or greater than normal quota, then set container's reserved deferred-fetch quota to normal quota and return. -

    4. If the inherited policy - for "{{PermissionsPolicy/deferred-fetch-minimal}}", container and - originToNavigateTo is Disabled, then return. - -

    5. If container's node document's origin is not - same origin with container's node navigable's - top-level traversable's active document's origin, - then return. - -

    6. Let containersWithReservedMinimalQuota be container's - node navigable's top-level traversable's - descendant navigables, removing any navigable - whose navigable container's reserved deferred-fetch quota is not - minimal quota . - -

    7. If containersWithReservedMinimalQuota's size is less - than max containers with minimal quota, then set container's - reserved deferred-fetch quota to minimal quota. +

    8. +

      If all of the following conditions are true: + +

      + +

      then set container's reserved deferred-fetch quota to + minimal quota.

@@ -7165,6 +7132,17 @@ document creation, as the origin of the {{Document}} is only redirects are handled. +
+

To get the deferred-fetch control document of a {{Document}} document: + +

    +
  1. If document' node navigable's container document is null or a + {{Document}} whose origin is not same origin with document, + return document; Otherwise return the deferred-fetch control document given + document' node navigable's container document. +

+
+

Fetch API

@@ -9084,22 +9062,24 @@ method steps are: then throw a {{TypeError}}.
  • -

    If request's - body is not null, and request's body - length is null, then throw a {{TypeError}}. +

    If request's body is not null, and request's + body length is null, then throw a {{TypeError}}.

    Requests whose body is a {{ReadableStream}} cannot be deferred. -

  • If the available deferred-fetch quota given request's - client and request's URL's origin - is less than request's total request length, then throw a - "{{QuotaExceededError}}" {{DOMException}}. +

  • Let controlDocument be request's client's + deferred-fetch control document. + +

  • If the available deferred-fetch quota given controlDocument and + request's URL's origin is less than + request's total request length, then throw a "{{QuotaExceededError}}" + {{DOMException}}.

  • Let activated be false. -

  • Let deferredRecord be the result of calling - queue a deferred fetch given request, activateAfter, and the - following step: set activated to true. +

  • Let deferredRecord be the result of calling queue a deferred fetch given + request, controlDocument's fetch group, activateAfter, and + the following step: set activated to true.

  • Add the following abort steps to requestObject's @@ -9108,9 +9088,8 @@ method steps are:

    1. Set deferredRecord's done to true. -

    2. Remove deferredRecord from - request's client's fetch group's - deferred fetch records. +

    3. Remove deferredRecord from controlDocument's + fetch group's deferred fetch records.

  • Return a new {{FetchLaterResult}} whose