Camille, do you have a sense for whether there's anything technical preventing the NavigationThrottle code from simulating a redirect? I think Nasko mentioned something about it being hard to simulate from outside the network stack, but otherwise I'm not opposed to the idea.(This isn't the first feature that has wanted the ability to redirect, so it seems potentially desirable. I think the closest equivalent is the Web Request API, though I've heard it's quite complex and isn't a good model for how to do a redirect.)CharlieOn Tue, Jul 31, 2018 at 11:30 AM Robert Ogden <rober...@google.com> wrote:Hi all,
I'd like to add some new functionality in a content::NavigationThrottle and am determining the best way to do it. This new functionality would allow an embedder to redirect the main frame request of a navigation to a specified new URL, optionally with new/additional/conditional request headers.
One way to do this that does not require any //content changes, is to have a NavigationThrottle return content::NavigationThrottle::CANCEL and then PostTask a new navigation to WebContents::OpenURL.
Another proposed solution is to create a new ThrottleAction like CHANGE_URL or REDIRECT to do the same thing (this would require other state in ThrottleCheckResult). This would require tricky internal changes to //content but seems potentially useful down the road.
What are you thoughts?
Thanks
Robert
--Robert Ogden
Any thoughts on this? The core workings of our feature is blocked behind this discussion and I'd like to make it into M70. Hoping to have some decision by the end of the week, but we can talk on GVC if that helps.I did some of the exploration Charlie mentioned to Camille in the last email. It looks like it is reasonably straightforward to offer a redirect action on WillStartRequest since the URLLoader in NavigationRequest can just be given the new URL, but in WillRedirectRequest, content can't push the new URL to the URLLoader in the network stack, so we'd need to reset the URLLoader with a new one anyways. I'm sure there are several gotchas that follow from that, like where to pick up on checking throttles and how to update state.I'm very tempted by the cancel and OpenURL option as it doesn't require any content changes which could have many delicate edge cases.ThanksRobert
Friendly ping :)On Thu, Aug 16, 2018 at 2:08 PM Robert Ogden <rober...@chromium.org> wrote:Hello all, again.After landing some code for my feature, we've discovered that the above approach doesn't work well. Specifically, the cancel and open pattern resets the PLM harness, breaking the accuracy of the metrics that it collects. We also note that it would probably have a similar effect on UKM which uses navigation IDs, but haven't dug into that very far since the PLM breakage alone is a deal breaker.I've written a proof of concept CL that adds a CHANGE_URL ThrottleAction and a small NavigationThrottle that uses it to demonstrate the effect. https://chromium-review.googlesource.com/c/chromium/src/+/1178895I'd appreciate it if somebody could take an informal pass on this and let me know if the general approach and public API changes are acceptable. If so, I'll invest more time on this CL to make it merge-worthy.Thanks!RobertOn Fri, Aug 3, 2018 at 11:34 AM Robert Ogden <rober...@chromium.org> wrote:jam's idea won't work after all, so I'm back to this.
> Please be sure to not allow arbitrary redirects, as those can violate security properties of the browser.No, we will only ever redirect to a Google-owned domain.
I took a quick look over the CL. What bothers me a bit is that on the CHANGE_URL action we completely lose the state of the original URLLoader and create a new one. We can look at what state needs to be carried over, but an example would be redirects encountered by the initial loader before we reach CHANGE_URL.On Mon, Aug 20, 2018 at 12:24 PM Robert Ogden <rober...@chromium.org> wrote:Friendly ping :)On Thu, Aug 16, 2018 at 2:08 PM Robert Ogden <rober...@chromium.org> wrote:Hello all, again.After landing some code for my feature, we've discovered that the above approach doesn't work well. Specifically, the cancel and open pattern resets the PLM harness, breaking the accuracy of the metrics that it collects. We also note that it would probably have a similar effect on UKM which uses navigation IDs, but haven't dug into that very far since the PLM breakage alone is a deal breaker.I've written a proof of concept CL that adds a CHANGE_URL ThrottleAction and a small NavigationThrottle that uses it to demonstrate the effect. https://chromium-review.googlesource.com/c/chromium/src/+/1178895I'd appreciate it if somebody could take an informal pass on this and let me know if the general approach and public API changes are acceptable. If so, I'll invest more time on this CL to make it merge-worthy.Thanks!RobertOn Fri, Aug 3, 2018 at 11:34 AM Robert Ogden <rober...@chromium.org> wrote:jam's idea won't work after all, so I'm back to this.Can you give us a bit of context why it didn't work? Is it completely out of the picture to support this by adding redirect-like functionality to URLLoader that is caused externally?
> Please be sure to not allow arbitrary redirects, as those can violate security properties of the browser.No, we will only ever redirect to a Google-owned domain.This is only a promise for your own feature. If we add CHANGE_URL functionality in throttles, it has to support any feature misusing it by mistake.
Thanks! I've noted that state in the original URLLoader needs to be pushed to the new one.Replied to other comments inline below.On Tue, Aug 21, 2018 at 9:41 AM Nasko Oskov <na...@chromium.org> wrote:I took a quick look over the CL. What bothers me a bit is that on the CHANGE_URL action we completely lose the state of the original URLLoader and create a new one. We can look at what state needs to be carried over, but an example would be redirects encountered by the initial loader before we reach CHANGE_URL.On Mon, Aug 20, 2018 at 12:24 PM Robert Ogden <rober...@chromium.org> wrote:Friendly ping :)On Thu, Aug 16, 2018 at 2:08 PM Robert Ogden <rober...@chromium.org> wrote:Hello all, again.After landing some code for my feature, we've discovered that the above approach doesn't work well. Specifically, the cancel and open pattern resets the PLM harness, breaking the accuracy of the metrics that it collects. We also note that it would probably have a similar effect on UKM which uses navigation IDs, but haven't dug into that very far since the PLM breakage alone is a deal breaker.I've written a proof of concept CL that adds a CHANGE_URL ThrottleAction and a small NavigationThrottle that uses it to demonstrate the effect. https://chromium-review.googlesource.com/c/chromium/src/+/1178895I'd appreciate it if somebody could take an informal pass on this and let me know if the general approach and public API changes are acceptable. If so, I'll invest more time on this CL to make it merge-worthy.Thanks!RobertOn Fri, Aug 3, 2018 at 11:34 AM Robert Ogden <rober...@chromium.org> wrote:jam's idea won't work after all, so I'm back to this.Can you give us a bit of context why it didn't work? Is it completely out of the picture to support this by adding redirect-like functionality to URLLoader that is caused externally?jam@'s idea only works when the original url (not a redirect) is what is changed. So say I want to trigger on https://m.foo.com and the user types in foo.com. foo.com redirects to https://m.foo.com, but would not see the change. Further more, jam's feature only supports same-origin.> Please be sure to not allow arbitrary redirects, as those can violate security properties of the browser.No, we will only ever redirect to a Google-owned domain.This is only a promise for your own feature. If we add CHANGE_URL functionality in throttles, it has to support any feature misusing it by mistake.How about allowing arbitrary redirects to domains that satisfy IsGoogleHostname or are already in the redirect chain (in case my feature needs to bypass after an attempted redirection)
--
--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-dev
---
You received this message because you are subscribed to the Google Groups "Chromium-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-dev...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/69ba2531-dac3-4688-91b1-bd79bd772cd7n%40chromium.org.
On Tue, Jun 8, 2021 at 10:53 AM Ryan Sturm <ryan...@google.com> wrote:Just adding some context around the direction LitePages went with (now removed due to feature being removed).LitePages landed on using a navigation URLLoader interceptor to insert redirects. This lived between content navigation and the network stack, essentially. The model was:
- Determine if we should try to fetch an alternative URL
- On success, serve redirect to alternative URL, on failure, fallback to regular network behavior
- Second interceptor serves the stored response from (1/2) to the redirect URL
SearchPrefetch also uses a similar model without serving the redirect:I don't have a lot of context about how interstitials are served, but it seems like you could use this model to serve the content and separately determine when the interstitial needs to be served at a higher layer.Accidentally sent a reply from @google.com address, re-sending with @chromium (see above).