Implement Client-Hints HTTP header
Categories
(Core :: Networking: HTTP, enhancement, P5)
Tracking
()
Tracking | Status | |
---|---|---|
platform-rel | --- | + |
People
(Reporter: igrigorik, Unassigned)
References
(Blocks 2 open bugs, )
Details
(Keywords: dev-doc-needed, Whiteboard: [necko-would-take][platform-rel-Shopify])
Reporter | ||
Updated•11 years ago
|
Updated•11 years ago
|
Updated•11 years ago
|
Updated•11 years ago
|
Comment 1•11 years ago
|
||
Comment 2•11 years ago
|
||
Reporter | ||
Comment 4•11 years ago
|
||
Comment 5•11 years ago
|
||
Reporter | ||
Comment 6•11 years ago
|
||
Comment 7•11 years ago
|
||
Reporter | ||
Comment 8•11 years ago
|
||
Comment 9•11 years ago
|
||
Comment 10•11 years ago
|
||
Comment 11•11 years ago
|
||
Reporter | ||
Comment 12•11 years ago
|
||
Comment 14•11 years ago
|
||
Reporter | ||
Comment 16•11 years ago
|
||
Comment 17•11 years ago
|
||
Comment 18•11 years ago
|
||
Reporter | ||
Comment 19•11 years ago
|
||
Reporter | ||
Comment 21•11 years ago
|
||
Comment 22•10 years ago
|
||
Comment 23•10 years ago
|
||
Comment 24•10 years ago
|
||
Updated•10 years ago
|
Comment 27•10 years ago
|
||
Reporter | ||
Comment 28•10 years ago
|
||
Comment 29•10 years ago
|
||
Reporter | ||
Comment 30•10 years ago
|
||
Reporter | ||
Comment 32•10 years ago
|
||
Updated•10 years ago
|
Updated•10 years ago
|
Reporter | ||
Comment 33•10 years ago
|
||
Reporter | ||
Comment 35•10 years ago
|
||
Comment 36•10 years ago
|
||
Comment 38•10 years ago
|
||
Reporter | ||
Comment 39•10 years ago
|
||
Comment 40•10 years ago
|
||
Comment 41•10 years ago
|
||
Reporter | ||
Comment 42•10 years ago
|
||
Comment 43•10 years ago
|
||
Reporter | ||
Comment 45•10 years ago
|
||
Comment 46•10 years ago
|
||
Comment 47•10 years ago
|
||
Comment 48•10 years ago
|
||
Reporter | ||
Comment 49•10 years ago
|
||
Reporter | ||
Comment 51•10 years ago
|
||
Reporter | ||
Comment 54•10 years ago
|
||
Comment 55•9 years ago
|
||
Reporter | ||
Comment 56•9 years ago
|
||
Updated•9 years ago
|
Comment 57•9 years ago
|
||
Comment 58•9 years ago
|
||
Comment 59•9 years ago
|
||
Comment 61•8 years ago
|
||
Reporter | ||
Comment 62•8 years ago
|
||
Updated•8 years ago
|
Updated•8 years ago
|
Comment 63•7 years ago
|
||
Comment 64•7 years ago
|
||
Updated•7 years ago
|
Comment 65•5 years ago
|
||
I'd like to express my support for Firefox implementing Client Hints, in general. This feature provides Tor Browser with a mechanism for signalling its support for Tor-specific enhancements - like the ability to resolve .onion addresses. There was initial discussion [0] about providing this signal within the user-agent string, however I'm less enthusiastic about that given Bug1609304. Other browsers that provide Tor integration will benefit from this specific use case, as well.
The above discussion around fingerprinting is important, and those concerns must be taken into account when considering which hints Firefox is willing to send.
Comment 67•4 years ago
|
||
Blink/Chrome has just enabled Client Hints on Feb 11, 2021
[UA-CH] Enable feature and runtime flags by default
https://chromium-review.googlesource.com/c/chromium/src/+/2525742
This is also tied to the wider discussion happening around Capping macOS user agent string. (Bug 1679929)
https://groups.google.com/a/chromium.org/g/blink-dev/c/hAI4QoX6rEo/m/qQNPThr0AAAJ
Google intends to provide the real OS version number through the Sec-CH-UA-Platform-Version
Updated•4 years ago
|
(In reply to Karl Dubost💡 :karlcow from comment #67)
Google intends to provide the real OS version number through the
Sec-CH-UA-Platform-Version
The blink-dev thread doesn't document any proper use case for exposing the operating system version. With the capping of the macOS version we're going to get into a privacy state where the OS version isn't leaked as Mac users upgrade past the capped version and Windows users upgrade to Windows 10.
I think we shouldn't foil that success without an absolutely essential use case.
Comment 69•4 years ago
|
||
One use-case outlined in the thread from Cloudinary: https://groups.google.com/a/chromium.org/g/blink-dev/c/hAI4QoX6rEo/m/Yo1ZkTHZAQAJ (not immediately applicable to Chromium, but a valid one)
Other use-cases are outlined in https://github.com/WICG/ua-client-hints#use-cases including: OS-specific styling, OS integration, OS-specific experiments and vulnerability filtering. I'd leave it to y'all to determine if those are "absolutely essential" from your perspective.
Comment 70•4 years ago
|
||
When writing this morning, I was looking for information about Apple and WebKit. There are two threads on webkit-dev mailing list:
https://lists.webkit.org/pipermail/webkit-dev/2020-May/thread.html#31195
https://lists.webkit.org/pipermail/webkit-dev/2020-November/thread.html#31571
Henri about
(In reply to Henri Sivonen (:hsivonen) from comment #68)
(In reply to Karl Dubost💡 :karlcow from comment #67)
Google intends to provide the real OS version number through theSec-CH-UA-Platform-Version
The blink-dev thread doesn't document any proper use case for exposing the operating system version.
I see how my comment can be misread.
More exactly Rick Byers says:
LGTM2 to fix the UA string, but only after some API (Sec-CH-UA-Platform-Version or anything else) is fully available as a work-around.
I didn't say it was done in any official way. Now I think it would be hasty to use the capping as a justification for clients hints, hence the ongoing discussion.
Updated•3 years ago
|
Updated•2 years ago
|
Comment 71•2 years ago
|
||
We haven't seen any real-world breakage yet, so unsetting the WebCompat-priority flag for now.
Description
•