Intent to Remove: Rename User-Agent Client Hint ACCEPT-CH tokens

2218 views
Skip to first unread message

Aaron Tagliaboschi

unread,
Dec 16, 2020, 4:42:05 PM12/16/20
to blink-dev, mike...@chromium.org, jadek...@chromium.org
Contact
aaro...@chromium.org
mike...@chromium.org
jadek...@chromium.org

Summary
We are migrating the User-Agent Client Hint tokens from “ua-*” to “sec-ch-ua-*”. Our proposed timeline is to get this change merged to Chrome 88 (stable cut for which is on January 12th, rollout on Jan 19th), before the UA-CH feature is fully rolled out and usage is still low. This will require a fair amount of work; more on that below.

Motivation
The current ACCEPT-CH tokens for client hints are in the format “ua-*”. This isn’t in line with the Client Hints spec, Section 3.1, which recommends the tokens be the same as the associated header names. This should also hopefully reduce confusion for those that want to use the feature.

Interoperability and Compatibility Risk
No other major engines currently support User-Agent Client Hints, so there’s no interoperability risk.

Compatibility risk is low to none, as the User Agent Client Hints are not fully shipped yet and current use is very low.

Migration
We believe it would be best to make a clean switch instead of supporting both formats of tokens for a number of releases because there’s little to no usage outside of testing, demos, and documentation, most of which is internal. We’re hoping to get all of this out into milestone 88, so we can get this changed before a full rollout is announced and people start actually using it. We are open to consider alternative opinions from API owners, however, if this does not seem like a reasonable course of action.

Alternative implementation suggestion for web developers
For now, anyone wishing to test or ship the feature can include both the old “ua-*” and new “sec-ch-ua-*” tokens in the ACCEPT-CH header until the change over is fully rolled out. Spec and implementation ignore unrecognized tokens, so one will be used and the other will be ignored.

Aaron Tagliaboschi

unread,
Dec 17, 2020, 1:59:58 PM12/17/20
to blink-dev, Aaron Tagliaboschi, mike...@chromium.org, jadek...@chromium.org
It seems as though I was working on an outdated intent template. Here's some extra links:

Chrome status

Tracking Bug

Daniel Bratell

unread,
Dec 17, 2020, 2:27:10 PM12/17/20
to Aaron Tagliaboschi, blink-dev, mike...@chromium.org, jadek...@chromium.org

When you say that usage is low, what more exactly does that mean? Is there for instance a use counter that gives some indication (exact number or floor/ceiling)?

If you by "not fully shipped yet", mean that it's only been available in trials, then I think it should be fine, especially since it's possible to inform all the people that have signed up.

/Daniel

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/02d62e2f-5044-4fc9-a8a7-ab22e0cde6e9n%40chromium.org.

Aaron Tagliaboschi

unread,
Jan 8, 2021, 11:18:29 AMJan 8
to blink-dev, Daniel Bratell, mike...@chromium.org, jadek...@chromium.org, Aaron Tagliaboschi
Apologies for the delay in response. By "not rolled out" I meant to say we've not rolled out to 100% of the stable population. We feel that the risk of change is low right now because no site can depend of the feature without it being rolled out to the full population.

Unfortunately there are no public UseCounters right now.

Aaron Tagliaboschi

Philip Jägenstedt

unread,
Jan 11, 2021, 5:20:03 AMJan 11
to Aaron Tagliaboschi, blink-dev, Daniel Bratell, mike...@chromium.org, jadek...@chromium.org
I take it this is controlled by Finch? What proportion of Chrome users is this already enabled for, and is it enabled or disabled by default for other Chromium-based browsers?

Philip Jägenstedt

unread,
Jan 11, 2021, 5:56:24 AMJan 11
to Aaron Tagliaboschi, blink-dev, Daniel Bratell, mike...@chromium.org, jadek...@chromium.org
I have been informed that we can't share the exact percentages for Finch trials, but that this is enabled for something less than 100% of users since Dec 14. Also it's disabled by default so other Chromium-based browsers will not have accidentally shipped this. So there hasn't been much opportunity for sites to begin depending on the existing names.

LGTM1 to renaming.

Eric Lawrence

unread,
Jan 11, 2021, 6:12:52 PMJan 11
to blink-dev, Philip Jägenstedt, blink-dev, Daniel Bratell, mike...@chromium.org, jadek...@chromium.org, Aaron Tagliaboschi
> I have been informed that we can't share the exact percentages for Finch trials

I'm curious about why that is? The Finch system publishes the percentages as a part of its design, so anyone who wants to can get the numbers.

Philip Jägenstedt

unread,
Jan 14, 2021, 12:03:45 PMJan 14
to Eric Lawrence, blink-dev, Daniel Bratell, mike...@chromium.org, jadek...@chromium.org, Aaron Tagliaboschi
On Tue, Jan 12, 2021 at 12:12 AM 'Eric Lawrence' via blink-dev <blin...@chromium.org> wrote:
> I have been informed that we can't share the exact percentages for Finch trials

I'm curious about why that is? The Finch system publishes the percentages as a part of its design, so anyone who wants to can get the numbers.

I didn't know that, but I guess because the config is maintained in google3. If you are able to get the percentage from a public endpoint, feel free to post it here :)

FWIW, I don't think the exact percentage here changes the calculus. Whether it's 10% or 90% or something else, this was still shipped very recently to less than all users.

Mike Taylor

unread,
Jan 20, 2021, 2:22:12 PMJan 20
to Daniel Bratell, jadek...@chromium.org, blink-dev, Aaron Tagliaboschi
On 12/17/20 1:26 PM, Daniel Bratell wrote:
> When you say that usage is low, what more exactly does that mean? Is
> there for instance a use counter that gives some indication (exact
> number or floor/ceiling)?

I did some spelunking[1] in the `httparchive.latest.requests_desktop`
and `httparchive.latest.requests_mobile` tables to try to understand
current usage. Here's a summary:

Desktop: Only 30 sites are sending Accept-CH headers. Of those, 2 are
sending UA-CH tokens of the format "UA-*". 1 other site is sending
totally invalid tokens (ua, platform, arch, model).

Mobile: Only 32 sites are sending Accept-CH headers. Of those, 2 are
sending UA-CH tokens of the format "UA-*". 1 other site is sending
totally invalid tokens (ua, platform, arch, model).

The raw results are at [2].

Usage for UA-CH right now, as represented by the HTTP Archive dataset is
virtually non-existent. If we use this as a proxy for all sites visited
by Chrome users, I don't think usage is high enough to block the rename
right now and we can do outreach to the known sites to give them a heads
up on the rename.

Does that address concerns by owners around usage?

[1] <https://gist.github.com/miketaylr/4b07867c9ab563b4aa380d1627ae5d23>

[2]
<https://docs.google.com/spreadsheets/d/1W_qVJNGc5NRzk9M9FXfwTuQC7Ag3gtQkFAWJqD_EFBk/edit#gid=770148206>

thanks,

Mike

Mike West

unread,
Jan 21, 2021, 3:08:55 PMJan 21
to Mike Taylor, Daniel Bratell, jadek...@chromium.org, blink-dev, Aaron Tagliaboschi
I agree with Mike's analysis of HTTP Archive (and not just because he has a great name). I came up with marginally different numbers (~2,470 top-level navigations that returned `Accept-CH` headers, 68 of which include the string "ua", 28 (12 unique registrable domains) of which contain "ua-"). `mail.ru` looks like the largest of those 12, the others don't look super high-traffic.

That's borne out by the numbers in https://chromestatus.com/metrics/feature/timeline/popularity/2789 (which look like they're from stable, and are very small). This seems very low risk.

LGTM1.

-mike

P.S. I gathered data via variations on:

```
CREATE TEMPORARY FUNCTION extractHeader(payload STRING, name STRING)
RETURNS STRING LANGUAGE js AS '''
try {
  var $ = JSON.parse(payload);
  var header = $._headers.response.find(h => h.toLowerCase().startsWith(name + ":"));
  if (!header)
    return null;
  return header.substr(header.indexOf(':') + 1).trim();
} catch (e) {
  return null;
}
''';

SELECT
  NET.REG_DOMAIN(url) as host,
  extractHeader(payload, "accept-ch") as ch
FROM
  `httparchive.requests.2021_01_01_desktop`
WHERE
  REGEXP_EXTRACT(payload, r'(?i)sec-fetch-mode:\s*([a-z0-9_\/-]+)') = "navigate"
  AND REGEXP_EXTRACT(payload, r'(?i)sec-fetch-dest:\s*([a-z0-9_\/-]+)') = "document"
  AND extractHeader(payload, "accept-ch") IS NOT NULL
  AND STRPOS(LOWER(extractHeader(payload, "accept-ch")), "ua-") != 0
GROUP BY host, ch
```


--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.

Mike West

unread,
Jan 21, 2021, 3:11:27 PMJan 21
to Mike Taylor, Daniel Bratell, jadek...@chromium.org, blink-dev, Aaron Tagliaboschi
Gah. I sent this from the wrong email address, _and_ it was LGTM2.

-mike

Chris Harrelson

unread,
Jan 21, 2021, 3:12:42 PMJan 21
to Mike West, Mike Taylor, Daniel Bratell, jadek...@chromium.org, blink-dev, Aaron Tagliaboschi

Aaron Tagliaboschi

unread,
Jan 22, 2021, 7:43:01 AMJan 22
to Chris Harrelson, Mike West, Mike Taylor, Daniel Bratell, jadek...@chromium.org, blink-dev
Thanks all! crrev.com/c/2595089 has been successfully merged to ToT (after some tryjob woes last night, apparently)

Aaron Tagliaboschi | Software Engineer, Chrome Trust & Safety


You received this message because you are subscribed to a topic in the Google Groups "blink-dev" group.
To unsubscribe from this topic, visit https://groups.google.com/a/chromium.org/d/topic/blink-dev/t-S9nnos9qU/unsubscribe.
To unsubscribe from this group and all its topics, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOMQ%2Bw_ois5ZDY_hqjXeP%3DhgFs8TQbX6Po0roEkgHiKRd1xkZw%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages