Explainer change for separate rate-limits for embedded site #1457
Conversation
|
@jolynyao Could you PTAL, thanks! |
linnan-github
force-pushed
the
embeddedBudget
branch
4 times, most recently
from
5144c38 to
f6c6a38
Compare
|
LGTM thanks @linnan-github! |
linnan-github
force-pushed
the
embeddedBudget
branch
from
29e0579 to
22edc9a
Compare
linnan-github
force-pushed
the
embeddedBudget
branch
from
22edc9a to
8a0e156
Compare
index.bs
Outdated
| [=navigable/top-level traversable=]'s [=navigable/active document=]'s [=origin=]. | ||
| To obtain the <dfn export for=node>context origin</dfn> of a [=node=] |node|: | ||
|
|
||
| 1. Optionally, return the embedded origin if it exists. |
There was a problem hiding this comment.
It'd be helpful for people reading the spec to have some definition of embedded origin here, either in a note or in a link.
index.bs
Outdated
| [=navigable/top-level traversable=]'s [=navigable/active document=]'s [=origin=]. | ||
| To obtain the <dfn export for=node>context origin</dfn> of a [=node=] |node|: | ||
|
|
||
| 1. Optionally, return the embedded origin if it exists. |
There was a problem hiding this comment.
Does optionally here mean that different implementations can choose whether they care about embedded origins and still be compliant with the specification?
There was a problem hiding this comment.
Yes, that is the intention to leave it defined by the user agent.
There was a problem hiding this comment.
I think we should clarify that. Otherwise, it could be interpreted as "some of the time, do this," when it really means that the implementation can choose whether it supports the notion of embedded origins, but if it does, this algorithm should be consistent.
There was a problem hiding this comment.
It could also apply to the case "some of the time, do this". For example, if we only want to do this for sources but not triggers.
There was a problem hiding this comment.
Right, but the point is that the algorithm should be consistent under particular static circumstances. For example, it is not in the spirit of this specification for the implementation to generate a random number to decide whether to return the embedded origin or actual origin.
index.bs
Outdated
| Note: The user agent may return the embedded origin to allow separate limits | ||
| for specific use cases. Embedded origin could be the effective top-level origin, | ||
| e.g. the origin of the website displayed in the AMP viewer. |
There was a problem hiding this comment.
I still don't think someone reading this is going to understand what an embedded origin is, as it's not a standard term as far as I know. An example would definitely help, but we should also avoid referring to AMP in the spec if possible. Maybe we can give a neutral example like comparing https://foo.example/ vs https://foo.example/bar.example?
| [=navigable/active document=]'s [=origin=]. | ||
|
|
||
| Note: The user agent may return the embedded origin to allow separate limits | ||
| for specific use cases. Embedded origin could be the effective top-level origin. |
There was a problem hiding this comment.
| for specific use cases. Embedded origin could be the effective top-level origin. | |
| for specific use cases. The embedded origin could be the effective top-level origin. |
| For example, https://foo.example/bar.example is embedded within https://foo.example, | ||
| where https://foo.example is the top-level origin and https://bar.example is the embedded origin. |
There was a problem hiding this comment.
| For example, https://foo.example/bar.example is embedded within https://foo.example, | |
| where https://foo.example is the top-level origin and https://bar.example is the embedded origin. | |
| For example, a URL like `https://foo.example/bar.example` could be interpreted as embedding the origin `https://bar.example`. |
Fixes #1452
Preview | Diff