Interventions: updates since 1/11/2017

[kenji...@google.com]

This email has been automatically sent by a script (got feedback?)
What are interventions?
An Intervention is when a Browser opts for:

• an intentional deviation from a behavior that developers expect and/or rely on,
• which is motivated by the desire to fulfill an important user need.

Because of its nature, it must be done sparingly and with extreme care to not only achieve but also sustain a positive outcome.


Updates for interventions since 1/11/2017

Cancel modal dialogs on tab switch and don't allow them for background pages ("Project OldSpice")
Engineer(s): a...@google.com
Status as of 1/12/2017

Got ship review for 50% beta, Finch is turning it on for 50% beta.

Next Steps:

Wait to see what happens.

Link(s): implementation


Make background tab throttling more aggressive
Engineer(s): skyo...@google.com, alt...@google.com
Status as of 1/17/2017

Got required approvals to launch in Beta (launch bug: crbug.com/650594)

Next Steps:

launch in Beta.

Link(s): spec/discussion implementation


Use site engagement for showing modal dialogs
Engineer(s): domi...@google.com
Status as of 1/17/2017

UseCounters have landed and will go to stable in M57.

Next Steps:

Watch the UseCounters.

gating Vibrate API on positive Site Engagement
Engineer(s): domi...@google.com
Status as of 1/17/2017

UseCounters have landed and will go to stable in M57.

Next Steps:

Watch the UseCounters.

Link(s): implementation


disallow top-level navigations to blob/data urls
Engineer(s): mea...@google.com, dch...@google.com
Status as of 1/17/2017

In order to understand the impact, I added mime type metrics for data URLs on 2017/01/13. According to very early UMA:
- 93% of navigations are to text/html
- Less than 1% to other content types that can be used for spoofing (xhtml, pdf, svg)
- Remaining 6% to content types that cannot be used for spoofing (images, audio, video etc)

The metrics suggests that we will be showing "Not Secure" badging for almost all data: URLs, if we end up doing that.

Some research revealed that IE and Edge started blocking data: URLs again. Edge allowed it for some time because of Chrome compatibility, but looks like they reversed course. Additionally, Firefox started displaying the opener URL for about:blank pages which is also something I wanted to do for a long time.

Next Steps:

For meacer: Depending on the conclusion of the omnibox badging, I might pursue blocking blob: or filesystem: URLs. Reach out to other vendors to explore a unified stance (e.g. blocking).

For dcheng: Figure out how to resolve the race condition for crrev.com/2416523002

Link(s): implementation


Make touch events uncancelable on unresponsive pages
Engineer(s): tdre...@google.com
Status as of 1/17/2017

Bulk of the code landed.

Next Steps:

Land finch config, console warning. Send intent to implement.

Link(s): implementation


Don't load slow web fonts (using NQE)
Engineer(s): tba...@google.com, toyo...@google.com
Status as of 1/16/2017

Experiment currently enabled on M-56+ Canary, Dev, Beta. Prelim results show 0.8% reduction in PageLoad.PaintTiming.NavigationToFirstTextPaint at higher percentiles.

Next Steps:

Wait for data from stable channel (M-56), also wait for NQE triggering to improve due to disk caching (M-57)

Link(s): spec/discussion implementation


Make touchstart during a fling uncancelable
Engineer(s): tdre...@google.com, lan...@google.com
Status as of 1/17/2017

Shipped in M57

Next Steps:

N/A

Link(s): implementation


Throttle timers for out-of-view cross-origin frames
Engineer(s): skyo...@google.com
Status as of 1/17/2017

Re-re-enabled in M57.

Next Steps:

Look at UMA, figure out what's up with ESPN (crbug.com/680925)

Link(s): spec/discussion implementation




Full details for all the interventions can be found at bit.ly/proposed-interventions.
See also, WICG interventions: a place for browsers to collaborate on browser interventions.
Tell us how useful these updates are and how we could improve them by sharing your feedback.