Closed Bug 1879929 Opened 1 year ago Closed 1 year ago

Clean up design for HTTP Accept header generation

Categories

(Core :: Networking: HTTP, enhancement)

Product:
Core
Component:
Networking: HTTP
Type:
enhancement

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: masterquestionable, Unassigned)

References

Details

    Sending different Accept on context generally doesn't serve the intended purpose:
    Sites really making use of which [1] are scarce (to almost none?).
    And feature detection should be more reliable way for so.
[1] Mostly, making identical URL return different content based on Accept.

    And the old behavior may cause unwanted side-channel.

    This change removes "image.http.accept", making "network.http.accept" the sole control for Accept in all cases (besides Fetch/XHR) [2].
    And reconfigured more reasonable default Accept.
    Also cleans up some unused codes related.

[ [2]
    Known 1 application:
    https://github.com/orgs/community/discussions/70778
    (GitHub's page loading)
    ; seemingly relied on the default `*/*`:
    https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/setRequestHeader
    https://fetch.spec.whatwg.org/#ref-for-header-list-contains⑧

    For which cause "network.http.accept.fetch" is added for debugging purpose. ]

    Actual change pending: I'm unfamiliar with committing code changes here.

See Also: → 1711622, 1865599

Is someone more familiar with the Accept header able to provide some follow up?

Flags: needinfo?(valentin.gosu)
Flags: needinfo?(kershaw)

(In reply to Master ? [:masterquestionable] from comment #0)

    This change removes "image.http.accept", making "network.http.accept" the sole control for Accept in all cases (besides Fetch/XHR) [2].
    And reconfigured more reasonable default Accept.
    Also cleans up some unused codes related.

This phrasing and the unusual indentation and syntax makes me think the reporter is a bot. But looking into the substance of their arguments makes me think otherwise. 🤷

In any case, I don't think removing the prefs is a good idea. We'll need to send different headers for images vs page loads.
I think resolving bug 1711622 and bug 1865599 should get us closer to interop without a needing a different design.

Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Flags: needinfo?(valentin.gosu)
Flags: needinfo?(kershaw)
Resolution: --- → INVALID

    I use AI assisted content generation for most of my writing.
    The format's design has solid basis. (to address various existing deficiencies)

    Let's dig further then: via analyzing the current cases, and the theoretical boundary.

    In brief, the current behavior creates undesirable side-channel. (and potentially bug-ridden due to over-complexity)
    My aim is to address which without causing unjustifiable breakage.

See Also: → 1249474
You need to log in before you can comment on or make changes to this bug.