-
Notifications
You must be signed in to change notification settings - Fork 69
Nice things we can't have
Noam Rosenthal edited this page Mar 18, 2024
·
7 revisions
This page aims to be an exhaustive list of performance metrics we'd like to have, but can't because of privacy/security limitations. Feel free to add to it.
Hopefully in the future we can find a privacy-preserving solution for these, such as using private aggregation API for measurements and differential privacy for dimensions. Collecting the use cases would help us check if the shoe fits.
| The feature | Description | Why we can’t report it | Usage |
|---|---|---|---|
| Cross-origin redirects at start | LCP and navigation timing are affected by cross-origin redirects at the start of the response. | The final document should not be aware of the URLs that redirected to it | Measurement + redirect origins |
| Fine-grained memory usage | Cross-origin leak (though this is perhaps Ok with COEP) + fingerprinting? | measurement | |
| Some aspects of Network downlink | Dimension | ||
| DNS timing | Reveals things about the user’s configuration. Not the site’s data to opt-in to | Dimension | |
| System load | New ancillary data | Dimension | |
| Frame Presentation Time | More accurate representation of "pixels on screen" | visited links & ancillary data about machine | measurement |
| Battery/power level | Correlate between status of device/user and performance | very private info | dimension |
| Multiple redirects in RT | See this issue | current TAO semantics don't suffice | measurement |
| Various causes of entropy | e.g. extensions, system being busy, cold start | ancillary data | Dimension |
| Total page weight | Size of all resources, including cross-origin IFrames | Same-origin policy | measurement |