204992 – Preconnect to server as early as possible in WebPage::LoadRequest

Bug 204992 - Preconnect to server as early as possible in WebPage::LoadRequest

Summary: Preconnect to server as early as possible in WebPage::LoadRequest

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Page Loading (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Chris Dumez

URL:
Keywords:	InRadar

Depends on:	205030
Blocks:
	Show dependency tree / graph

Reported:	2019-12-07 16:15 PST by Chris Dumez
Modified:	2019-12-09 15:54 PST (History)
CC List:	10 users (show)

See Also:

Attachments
Patch (5.72 KB, patch) 2019-12-07 16:17 PST, Chris Dumez	no flags	Details \| Formatted Diff \| Diff
Patch (6.47 KB, patch) 2019-12-07 20:47 PST, Chris Dumez	no flags	Details \| Formatted Diff \| Diff
Patch (18.72 KB, patch) 2019-12-08 11:56 PST, Chris Dumez	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Chris Dumez 2019-12-07 16:15:04 PST

Preconnect to server as early as possible in WebPage::LoadRequest. This avoids delaying the connection to the server until after the policy check and is a ~1.3% progression on PLT5 on both macOS and iOS.

Comment 1 Chris Dumez 2019-12-07 16:17:20 PST

Created attachment 385108 [details]
Patch

Comment 2 Daniel Bates 2019-12-07 19:34:46 PST

This change looks like a good technical change. It looks like it sacrifices user privacy at the cost of improving perceived load speed: apps and Safari can no longer prevent the preconnect from hitting the server with credentials. Code with is used by all page loads, right? Even programmatic? My strong opinion, weakly held, is that this change should be guarded by a user configurable setting (initially off by default) because there are significant privacy implications.

Comment 3 Chris Dumez 2019-12-07 19:53:12 PST

(In reply to Daniel Bates from comment #2)
> This change looks like a good technical change. It looks like it sacrifices
> user privacy at the cost of improving perceived load speed: apps and Safari
> can no longer prevent the preconnect from hitting the server with
> credentials. Code with is used by all page loads, right? Even programmatic?
> My strong opinion, weakly held, is that this change should be guarded by a
> user configurable setting (initially off by default) because there are
> significant privacy implications.

It is indeed important not to sacrifice privacy. I don’t think I am though but I may be missing something.

I am not sure what you mean by programmatic loads, could mean JS or native. Loads triggered by JS or even user clicks do not use this code path. Only loads requested by the client app (native) using [WKWebView loadRequest:] are affected. Since those loads are requested by the client app, and the client app is in charge of the decidePolicyForNavigationAction, I did not feel connecting to the server early sacrificed privacy.

Does this address your concerns?

Comment 4 Chris Dumez 2019-12-07 19:57:15 PST

Comment on attachment 385108 [details]
Patch

Looks like there are API test failures that need investigating. Clearing review flag while I do so.

Comment 5 Chris Dumez 2019-12-07 20:47:05 PST

Created attachment 385113 [details]
Patch

Comment 6 Antti Koivisto 2019-12-07 23:47:06 PST

Comment on attachment 385113 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=385113&action=review

> Source/WebKit/WebProcess/WebPage/WebPage.cpp:1531
> +        WebProcess::singleton().webLoaderStrategy().preconnectTo(ResourceRequest { loadParameters.request }, *this, *m_mainFrame, StoredCredentialsPolicy::Use, [](const ResourceError&) { });

WTF::Function is a nullable type. Another option would be to make preconnectTo handle a null callback function and remove the need to construct a no-op lambda.

Comment 7 Chris Dumez 2019-12-08 11:56:47 PST

Created attachment 385125 [details]
Patch

Comment 8 Chris Dumez 2019-12-08 11:57:30 PST

(In reply to Antti Koivisto from comment #6)
> Comment on attachment 385113 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=385113&action=review
> 
> > Source/WebKit/WebProcess/WebPage/WebPage.cpp:1531
> > +        WebProcess::singleton().webLoaderStrategy().preconnectTo(ResourceRequest { loadParameters.request }, *this, *m_mainFrame, StoredCredentialsPolicy::Use, [](const ResourceError&) { });
> 
> WTF::Function is a nullable type. Another option would be to make
> preconnectTo handle a null callback function and remove the need to
> construct a no-op lambda.

Will look into this in a follow-up.

Comment 9 WebKit Commit Bot 2019-12-08 13:31:00 PST

Comment on attachment 385125 [details]
Patch

Clearing flags on attachment: 385125

Committed r253277: <https://trac.webkit.org/changeset/253277>

Comment 10 WebKit Commit Bot 2019-12-08 13:31:01 PST

All reviewed patches have been landed.  Closing bug.

Comment 11 Radar WebKit Bug Importer 2019-12-08 13:31:39 PST

<rdar://problem/57735901>

Comment 12 Jonathan Bedard 2019-12-09 08:56:14 PST

Breaks some ApplePay API tests on iOS:

https://results.webkit.org/?suite=api-tests&test=TestWebKitAPI.ApplePay.CanMakePaymentsWithActiveCardBlocksUserAgentScripts

Comment 13 Chris Dumez 2019-12-09 08:57:01 PST

(In reply to Jonathan Bedard from comment #12)
> Breaks some ApplePay API tests on iOS:
> 
> https://results.webkit.org/?suite=api-tests&test=TestWebKitAPI.ApplePay.
> CanMakePaymentsWithActiveCardBlocksUserAgentScripts

Looking now.

Comment 14 Chris Dumez 2019-12-09 09:49:47 PST

(In reply to Chris Dumez from comment #13)
> (In reply to Jonathan Bedard from comment #12)
> > Breaks some ApplePay API tests on iOS:
> > 
> > https://results.webkit.org/?suite=api-tests&test=TestWebKitAPI.ApplePay.
> > CanMakePaymentsWithActiveCardBlocksUserAgentScripts
> 
> Looking now.

Follow-up fix landed in <https://trac.webkit.org/changeset/253291>.