Origin Trials

Editor’s Draft,

This version:
https://jpchase.github.io/ExperimentalFramework/
Issue Tracking:
GitHub
Inline In Spec
Editor:
(Google)

CC0 To the extent possible under law, the editors have waived all copyright and related or neighboring rights to this work. In addition, as of 5 April 2016, the editors have made this specification available under the Open Web Foundation Agreement Version 1.0, which is available at http://www.openwebfoundation.org/legal/the-owf-1-0-agreements/owfa-1-0. Parts of this work may be from another specification document. If so, those parts are instead covered by the license of that specification document.

Abstract

Doing Science On The Web summarizes the past problems in bringing new features to the web platform. Briefly, the web needs new features, and iteration yields the best designs and implementations for those features. However, previous efforts have seen experiments prematurely become de-facto standards, with browser vendors scrambling to implement the features, and web developers coming to rely on these features. These experimental features became burned-in, and resistant to change (or removal), even though better implementations were identified/available.

One of the root causes was that experimental features were available too widely, and thus usage grew unchecked as a result. Ideally, it should be easier to expose and iterate on new features, but reliably limit the experimental population. With a test population of developers committed to providing feedback, and limits in user base size and experiment duration, iteration can happen faster, but without the risk of burn-in.

1. Introduction

This section is informative.

2. Model

A trial#trialReferenced in:2. Model2.2. The meta element3. Integration with HTML is something that can be enabled or disabled.

define trial and other terminology better.

A trial token#trial-tokenReferenced in:2. Model2.1. The Origin-Trial HTTP Response Header Field2.2. The meta element3. Integration with HTML (2)3.1. Initialize a Document's trial token list3.2. Initialize a WorkerGlobalScope's trial token list is a string in a user agent defined format. A trial token is somehow associated with a trial.

The Origin-Trial#origin-trialReferenced in:2.1. The Origin-Trial HTTP Response Header Field (2)3.1. Initialize a Document's trial token list3.2. Initialize a WorkerGlobalScope's trial token list HTTP response header field can be used to deliver trial tokens from a server to a client. The header’s value is represented by the following ABNF:

Origin-Trial = 1#serialized-trial-token

serialized-trial-token#grammardef-serialized-trial-tokenReferenced in:2.1. The Origin-Trial HTTP Response Header Field3.1. Initialize a Document's trial token list3.2. Initialize a WorkerGlobalScope's trial token list = token | quoted-string

Origin-Trial: some-token, some|other|token
Origin-Trial: yet_another_token

When the user agent receives a Origin-Trial header field, it MUST process it as described in §3 Integration with HTML.

2.2. The meta element

A Document may specify trial tokens via one or more HTML meta elements whose http-equiv attributes are an ASCII case-insensitive match for the string "Origin-Trial". For example:

<meta http-equiv="Origin-Trial" content="sometoken">

Authors are strongly encouraged to place meta elements as early in the dcument as possible, because tokens in meta elements are not taken into account for content which precedes them. In particular, note that script executed before the meta element will not have access to trials enabled by tokens in the meta element.

Another option would be to not process meta elements that occur after the first script tag. But that won’t be enough, since link can allow script execution via its load and error events as well, as one example of another way to execute javascript.

Note: Modifications to a meta element after the element has been parsed will be ignored.

3. Integration with HTML

The Document and WorkerGlobalScope objects have a trial token list#trial-token-listReferenced in:3. Integration with HTML3.1. Initialize a Document's trial token list (2) (3)3.2. Initialize a WorkerGlobalScope's trial token list (2) (3) (4) (5) (6) (7)3.3. Processing of a meta tag, which holds all the trial tokens which are active fo a given context. This list is empty unless otherwise specified.

A trial trial is enabled in a specific context if any of the trial tokens in context’s trial token list is associated with trial.

3.1. Initialize a Document's trial token list

This algorithm should be executed during the initialising a new Document object algorithm.

Given a Document (document) and a response (response), the user agent performs the following steps in order to initialize document’s trial token list:

  1. If response’s url’s scheme is a local scheme:

    this is about blob URLs, about:blank, and similar. We should define what to do here. It might make sense to inherit tokens from the creating document, similar to how CSP policies etc are inherited.

  2. For each serialized-trial-token serializedToken resulting from parsing the Origin-Trial headers in response’s header list:

    1. Add the trial token represented by serializedToken to document’s trial token list.

3.2. Initialize a WorkerGlobalScope's trial token list

This algorithm shuold be executed as part of the run a worker algorithm.

Given a WorkerGlobalScope (global), response (response) and possible WorkerGlobalScope parentWorker the user agent performs the following steps in order to initialize global’s trial token list:

  1. If global is a DedicatedWorkerGlobalScope instance:

    1. If global has a parentWorker, set global’s trial token list to a copy of parentWorker’s trial token list.

    2. Else set global’s trial token list to a copy of global’s responsible document’s trial token list.

  2. Else:

    1. For each serialized-trial-token serializedToken resulting from parsing the Origin-Trial headers in response’s header list:

      1. Add the trial token represented by serializedToken to global’s trial token list.

does this need special handling for about:blank, blob: urls etc?

3.3. Processing of a meta tag

When a meta element is inserted into a document, if its http-equiv attribute is present and represents a Origin-Trial, the user agent must run the following algorithm:

  1. If the meta element is not a child of a head element, abort these steps.

  2. If the meta element has no content attribute, abort these steps.

  3. If the meta element was created by script, abort these step.

    need to define what "created by script" means, and what is/isn’t supported

  4. Add the value of the content attribute to the Document's trial token list.

Index

Terms defined by this specification

Terms defined by reference

References

Normative References

[FETCH]
Anne van Kesteren. Fetch Standard. Living Standard. URL: https://fetch.spec.whatwg.org/
[HTML]
Ian Hickson. HTML Standard. Living Standard. URL: https://html.spec.whatwg.org/multipage/
[RFC5234]
D. Crocker, Ed.; P. Overell. Augmented BNF for Syntax Specifications: ABNF. January 2008. Internet Standard. URL: https://tools.ietf.org/html/rfc5234
[RFC7230]
R. Fielding, Ed.; J. Reschke, Ed.. Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing. June 2014. Proposed Standard. URL: https://tools.ietf.org/html/rfc7230
[WHATWG-DOM]
Anne van Kesteren. DOM Standard. Living Standard. URL: https://dom.spec.whatwg.org/
[WHATWG-URL]
Anne van Kesteren; Sam Ruby. URL Standard. Living Standard. URL: https://url.spec.whatwg.org/

Informative References

[Doing Science On The Web]
Doing Science On The Web. URL: https://infrequently.org/2015/08/doing-science-on-the-web/

Issues Index

define trial and other terminology better.
Another option would be to not process meta elements that occur after the first script tag. But that won’t be enough, since link can allow script execution via its load and error events as well, as one example of another way to execute javascript.
this is about blob URLs, about:blank, and similar. We should define what to do here. It might make sense to inherit tokens from the creating document, similar to how CSP policies etc are inherited.
does this need special handling for about:blank, blob: urls etc?
need to define what "created by script" means, and what is/isn’t supported