Add TAO destination check for navigation redirect chains#1931
Merged
Conversation
Contributor
|
Chrome team is supportive. |
noamr
reviewed
Jun 10, 2026
noamr
left a comment
Contributor
There was a problem hiding this comment.
Wouldn't it be simpler to keep a list of TAO value sets and iterate over them when computing the "navigation TAO check"?
Collaborator
Author
@annevk made a similar comment earlier on. What we can do is something like:
I don't know that it's simpler (and it seems like we'd be copying more values around between redirect responses), but happy to move to that model if that's simpler/easier |
Contributor
It's simpler to read (IMO) and potentially cleaner impl wise as there is no set manipulation as you go along and it's not a dedup check for each redirect. |
noamr
approved these changes
Jun 18, 2026
noamr
left a comment
Contributor
There was a problem hiding this comment.
LGTM (though needs the checkboxes etc)
Collaborator
Author
|
@annevk - Can you take a look? Do I need to file a WebKit position on this, or will you be able to state support here? |
yoavweiss
added a commit
to yoavweiss/WebKit
that referenced
this pull request
Jun 21, 2026
…stination origin. https://bugs.webkit.org/show_bug.cgi?id=316647 Reviewed by NOBODY (OOPS!). This PR aligns the WebKit implementation with whatwg/fetch#1931 and whatwg/html#12513, and ensures that TAO opt-ins for navigation timing take the destination origin into account. Tests: imported/w3c/web-platform-tests/navigation-timing/redirect-chain-tao-destination.tentative.html imported/w3c/web-platform-tests/navigation-timing/redirect-chain-tao-partial.tentative.html imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-destination.tentative.html imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-no-referrer.tentative.html imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-other-origin.tentative.html imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-wildcard.tentative.html * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-chain-tao-destination.tentative-expected.txt: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-chain-tao-destination.tentative.html: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-chain-tao-partial.tentative-expected.txt: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-chain-tao-partial.tentative.html: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-destination.tentative-expected.txt: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-destination.tentative.html: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-no-referrer.tentative-expected.txt: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-no-referrer.tentative.html: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-other-origin.tentative-expected.txt: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-other-origin.tentative.html: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-wildcard.tentative-expected.txt: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-xserver-tao-wildcard.tentative.html: Added. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/resources/redirect-tao.py: Added. (main): * Source/WebCore/page/PerformanceNavigationTiming.cpp: (WebCore::PerformanceNavigationTiming::redirectCount const): * Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp: (WebKit::NetworkLoadChecker::checkRedirection): (WebKit::NetworkLoadChecker::validateResponse): (WebKit::NetworkLoadChecker::appendToNavigationTimingAllowCheckList): (WebKit::NetworkLoadChecker::passesNavigationTAOCheck const): (WebKit::NetworkLoadChecker::shouldExposeNavigationRedirectTiming): * Source/WebKit/NetworkProcess/NetworkLoadChecker.h:
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Jun 23, 2026
This CL implements whatwg/html#12513 and whatwg/fetch#1931, in order to resolve w3c/navigation-timing#215. It enables developers to opt-in to get cross-origin redirect timings, through destination-based Timing-Allow-Origin headers. I2P: https://groups.google.com/a/chromium.org/g/blink-dev/c/GOPn8-wQlsk/m/x5Q3G6KuAgAJ Change-Id: Ib463010f1862af523a241d2e9180ff09bfedb101 Bug: 521861828 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7915892 Commit-Queue: Yoav Weiss (@Shopify) <yoavweiss@chromium.org> Reviewed-by: Noam Rosenthal <nrosenthal@google.com> Cr-Commit-Position: refs/heads/main@{#1650808}
brave-builds
pushed a commit
to brave/chromium
that referenced
this pull request
Jun 23, 2026
This CL implements whatwg/html#12513 and whatwg/fetch#1931, in order to resolve w3c/navigation-timing#215. It enables developers to opt-in to get cross-origin redirect timings, through destination-based Timing-Allow-Origin headers. I2P: https://groups.google.com/a/chromium.org/g/blink-dev/c/GOPn8-wQlsk/m/x5Q3G6KuAgAJ Change-Id: Ib463010f1862af523a241d2e9180ff09bfedb101 Bug: 521861828 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7915892 Commit-Queue: Yoav Weiss (@Shopify) <yoavweiss@chromium.org> Reviewed-by: Noam Rosenthal <nrosenthal@google.com> Cr-Commit-Position: refs/heads/main@{#1650808}
annevk
approved these changes
Jun 24, 2026
annevk
left a comment
Member
There was a problem hiding this comment.
This design seemed reasonable to @achristensen07 and I so you can consider WebKit supportive.
|
This looks good from the Mozilla side as well. |
jcscottiii
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Jun 24, 2026
This CL implements whatwg/html#12513 and whatwg/fetch#1931, in order to resolve w3c/navigation-timing#215. It enables developers to opt-in to get cross-origin redirect timings, through destination-based Timing-Allow-Origin headers. I2P: https://groups.google.com/a/chromium.org/g/blink-dev/c/GOPn8-wQlsk/m/x5Q3G6KuAgAJ Change-Id: Ib463010f1862af523a241d2e9180ff09bfedb101 Bug: 521861828 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7915892 Commit-Queue: Yoav Weiss (@Shopify) <yoavweiss@chromium.org> Reviewed-by: Noam Rosenthal <nrosenthal@google.com> Cr-Commit-Position: refs/heads/main@{#1650808} Co-authored-by: Yoav Weiss <yoavweiss@chromium.org>
yoavweiss
added a commit
to yoavweiss/WebKit
that referenced
this pull request
Jun 24, 2026
…stination origin. https://bugs.webkit.org/show_bug.cgi?id=316647 Reviewed by NOBODY (OOPS!). This PR aligns the WebKit implementation with whatwg/fetch#1931 and whatwg/html#12513, and ensures that TAO opt-ins for navigation timing take the destination origin into account. * Source/WebCore/page/PerformanceNavigationTiming.cpp: (WebCore::PerformanceNavigationTiming::redirectCount const): * Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp: (WebKit::NetworkLoadChecker::checkRedirection): (WebKit::NetworkLoadChecker::validateResponse): (WebKit::NetworkLoadChecker::appendToNavigationTimingAllowValuesList): (WebKit::NetworkLoadChecker::passesNavigationTAOCheck const): (WebKit::NetworkLoadChecker::shouldExposeNavigationRedirectTiming): * Source/WebKit/NetworkProcess/NetworkLoadChecker.h:
annevk
pushed a commit
to whatwg/html
that referenced
this pull request
Jun 25, 2026
yoavweiss
added a commit
to yoavweiss/WebKit
that referenced
this pull request
Jun 26, 2026
…stination origin. https://bugs.webkit.org/show_bug.cgi?id=316647 Reviewed by NOBODY (OOPS!). This PR aligns the WebKit implementation with whatwg/fetch#1931 and whatwg/html#12513, and ensures that TAO opt-ins for navigation timing take the destination origin into account. No new tests, but a test progresses. * LayoutTests/imported/w3c/web-platform-tests/navigation-timing/redirect-tao-expected.txt: Progression. * Source/WebCore/page/PerformanceNavigationTiming.cpp: (WebCore::PerformanceNavigationTiming::redirectCount const): TAO check. * Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp: (WebKit::NetworkLoadChecker::checkRedirection): Append TAO values. (WebKit::NetworkLoadChecker::validateResponse): Set TAO values on the response. (WebKit::NetworkLoadChecker::appendToNavigationTimingAllowValuesList): Accumulate TAO values. (WebKit::NetworkLoadChecker::passesNavigationTAOCheck const): Check if the response passes TAO check. (WebKit::NetworkLoadChecker::shouldExposeNavigationRedirectTiming): helper method. * Source/WebKit/NetworkProcess/NetworkLoadChecker.h:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
As part of the WebPerfWG discussion on re-exposing redirectCount for opted-in cross-origin redirects, we discussed the fact that TAO currently only opts-in "backwards" in terms of origins, and doesn't constitute an opt-in to the destination origin, which is the appropriate opt-in for navigations (contrary to subresources).
This PR adds the mechanisms that can enable such "forward" opt-in, and can enable a response to a redirect chain to know that the redirect chain opted in to expose the redirects to its origin.
Once this lands, we'd use the relevant algorithms in the related HTML PR.
(See WHATWG Working Mode: Changes for more details.)
Preview | Diff