Skip to content
This repository has been archived by the owner on May 5, 2022. It is now read-only.

Transition Level 1 to CR #76

Closed
5 of 7 tasks
igrigorik opened this issue Oct 13, 2016 · 20 comments
Closed
5 of 7 tasks

Transition Level 1 to CR #76

igrigorik opened this issue Oct 13, 2016 · 20 comments
Labels
w3c
Milestone
Level 1

Comments

@igrigorik
Copy link
Member

igrigorik commented Oct 13, 2016
edited
Loading

@igrigorik igrigorik added the w3c label Oct 13, 2016
@igrigorik igrigorik added this to the Level 1 milestone Oct 13, 2016
@igrigorik
Copy link
Member Author

@yoavweiss any chance you could help with the web-platform-tests for this one? Also, any pointers for Safari discussions/bugs we can link to?

@yoavweiss
Copy link
Contributor

@igrigorik - on my TODO list. If I'm realistic, it probably won't happen before Velocity AMS, but I'll carve out the time to get it done not long after.

Master WebKit issue is https://bugs.webkit.org/show_bug.cgi?id=158720

@igrigorik
Copy link
Member Author

@yoavweiss sounds great, thanks!

@toddreifsteck
Copy link
Member

I know it is already in progress but I want to ensure that we are clear that the tests are super critical for this spec given its "background" nature. I assert that we MUST get tests into Web Platform Tests before moving this to the next phase.

@yoavweiss
Copy link
Contributor

Later than I thought, but first batch of tests is at web-platform-tests/wpt#4316

@yoavweiss
Copy link
Contributor

@toddreifsteck @igrigorik - I'd appreciate your review of the tests and mostly a list of scenarios which are not currently covered.

@addyosmani
Copy link

addyosmani commented Jul 28, 2017
edited
Loading

web-platform-tests/wpt#4316 (which was great to see land) noted that this was an incomplete set of tests. @yoavweiss do you know if there are additional tests that need to be landed beyond #92?

@siusin
Copy link
Contributor

siusin commented Sep 14, 2017
edited
Loading

@yoavweiss @igrigorik
do you think this spec needs a TAG review? I know a few TAG members are involved in the design of this spec, but can't find the record of a formal review.

@toddreifsteck
Copy link
Member

@siusin @yoavweiss @igrigorik I believe a TAG review is supposed to be part of every new spec's publishing process. We should get this spec on the list, but I don't believe that needs to block the request to publish.

@yoavweiss
Copy link
Contributor

With 2.5 shipping implementations and presence in 0.9% of page views, I think it's a bit late for that :/ While we can go through the motions, I don't think we'd be able to act on any recommendations that'd result in breaking changes.

@siusin
Copy link
Contributor

siusin commented Sep 14, 2017

I'd suggest we at least formally ask the TAG if they wish to review this, also the Web Plat WG. It won't take long...

@igrigorik
Copy link
Member Author

Hmm, I'm surprised we missed the formal TAG bit here -- I'll take the blame for that, should have caught it earlier! Pinging TAG for formal review sgtm, with an explicit note that this has already shipped and has a good ramp on adoption. Yoav, would you be willing to drive that?

@siusin
Copy link
Contributor

siusin commented Sep 25, 2017
edited by yoavweiss
Loading

[Draft] Call for Review --

TAG Review:

I'm requesting a TAG review of:

Further details (optional):

You should also know that...

The Preload spec has already got 2.5 shipping implementations and presence in 0.9% of page views.

We'd prefer the TAG provide feedback as (please select one):

  • open a single issue in our Github repo for the entire review

Self-Review Questionnare on Security and Privacy:

  • Does this specification deal with personally-identifiable information?
    No.
  • Does this specification deal with high-value data?
    No.
  • Does this specification introduce new state for an origin that persists across browsing sessions?
    No.
  • Does this specification expose persistent, cross-origin state to the web?
    No.
  • Does this specification expose any other data to an origin that it doesn’t currently have access to?
    No.
  • Does this specification enable new script execution/loading mechanisms?
    Yes.
    This specification defines the preload keyword that may be used with link elements, it provides a declarative fetch primitive that initiates an early fetch and separates fetching from resource execution.
  • Does this specification allow an origin access to a user’s location?
    No.
  • Does this specification allow an origin access to sensors on a user’s device?
    No.
  • Does this specification allow an origin access to aspects of a user’s local computing environment?
    No.
  • Does this specification allow an origin access to other devices?
    No.
  • Does this specification allow an origin some measure of control over a user agent’s native UI?
    No.
  • Does this specification expose temporary identifiers to the web?
    No.
  • Does this specification distinguish between behavior in first-party and third-party contexts?
    No.
  • How should this specification work in the context of a user agent’s "incognito" mode?
    The feature would work in such a way that the website would not be able to determine that the user was in "incognito".
  • Does this specification persist data to a user’s local device?
    No.
  • Does this specification have a "Security Considerations" and "Privacy Considerations" section?
    Yes.
    https://w3c.github.io/preload/#privacy.
  • Does this specification allow downgrading default security characteristics?
    Yes.
    Preload links for CORS enabled resources, such as fonts or images with a crossorigin attribute, must also include a crossorigin attribute, in order for the resource to be properly used.

@igrigorik @yoavweiss could you give a quick check of the above review details before we send out the wide review requests?

@igrigorik
Copy link
Member Author

@siusin thanks for drafting this! GH formatting was broken in a few places --> updated. LGTM.

@Krinkle
Copy link
Member

Krinkle commented Sep 25, 2017
edited
Loading

@siusin For what it's worth, it seems two of the test suites fail over HTTP (in Chrome at least). Might want to link w3c-test.org over HTTPS instead.

@siusin
Copy link
Contributor

siusin commented Sep 25, 2017

Done.

Thanks @Krinkle !

@yoavweiss
Copy link
Contributor

Opened a TAG review request at w3ctag/design-reviews#202

@siusin
Copy link
Contributor

siusin commented Oct 26, 2017

CR Published on 26-Oct.

Thanks all for getting this done.

@yoavweiss
Copy link
Contributor

@siusin Thank you for publishing! :)

@igrigorik
Copy link
Member Author

Yay! Thanks all.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
w3c
Projects
None yet
Milestone
Level 1
Development

No branches or pull requests
6 participants
@igrigorik @addyosmani @Krinkle @yoavweiss @toddreifsteck @siusin