From 815f0f1592026a315f14906f4f0991392b68a04e Mon Sep 17 00:00:00 2001 From: qingxinwu <6334674+qingxinwu@users.noreply.github.com> Date: Thu, 29 Aug 2024 10:09:46 -0400 Subject: [PATCH] [Spec] Add policy container field to requests. (#1253) * Add policy container field to requests. * finish * address comments. * Add policy container to trusted signals fetch * unset embedder policy, but set ip address space * Fix permissions check request --------- Co-authored-by: Qingxin Wu --- spec.bs | 199 +++++++++++++++++++++++++++++++------------------------- 1 file changed, 112 insertions(+), 87 deletions(-) diff --git a/spec.bs b/spec.bs index f57862e18..165fc6fb4 100644 --- a/spec.bs +++ b/spec.bs @@ -263,8 +263,9 @@ This is detectable because it can change the set of fields that are read from th 1. Let |global| be [=this=]'s [=relevant global object=]. 1. If |global|'s [=associated Document=] is not [=allowed to use=] the "[=join-ad-interest-group=]" [=policy-controlled feature=], then [=exception/throw=] a "{{NotAllowedError}}" {{DOMException}}. -1. Let |frameOrigin| be [=this=]'s [=relevant settings object=]'s [=environment settings object/origin=]. -1. [=Assert=] that |frameOrigin| is not an [=opaque origin=] and its [=origin/scheme=] is "`https`". +1. Let |settings| be [=this=]'s [=relevant settings object=]. +1. [=Assert=] that |settings|'s [=environment settings object/origin=] is not an [=opaque origin=] + and its [=origin/scheme=] is "`https`". 1. Let |interestGroup| be a new [=interest group=]. 1. Validate the given |group| and set |interestGroup|'s fields accordingly. 1. Set |interestGroup|'s [=interest group/expiry=] to the [=current wall time=] plus 
@@ -439,7 +440,7 @@ This is detectable because it can change the set of fields that are read from th 1. Let |queue| be the result of [=starting a new parallel queue=]. 1. [=parallel queue/enqueue steps|Enqueue the following steps=] to |queue|: 1. Let |permission| be the result of [=checking interest group permissions=] with - |interestGroup|'s [=interest group/owner=], |frameOrigin|, and "`join`". + |interestGroup|'s [=interest group/owner=], |settings|, and "`join`". 1. If |permission| is false, then [=queue a global task=] on [=DOM manipulation task source=], given |global|, to [=reject=] |p| with a "{{NotAllowedError}}" {{DOMException}} and abort these steps. @@ -575,7 +576,8 @@ dictionary AuctionAdInterestGroupKey { The leaveAdInterestGroup(group) method steps are: 1. Let |global| be [=this=]'s [=relevant global object=]. -1. Let |frameOrigin| be [=this=]'s [=relevant settings object=]'s [=environment settings object/origin=]. +1. Let |settings| be [=this=]'s [=relevant settings object=]. +1. Let |frameOrigin| be |settings|'s [=environment settings object/origin=]. 1. [=Assert=] that |frameOrigin| is not an [=opaque origin=] and its [=origin/scheme=] is "`https`". 1. Let |p| be [=a new promise=]. 1. If |group| [=map/is empty=]: @@ -601,8 +603,8 @@ The leaveAdInterestGroup(group) method steps are |group|["{{AuctionAdInterestGroupKey/owner}}"]. 1. If |owner| is failure, [=exception/throw=] a {{TypeError}}. 1. Run these steps [=in parallel=]: - 1. Let |permission| be the result of [=checking interest group permissions=] with - |owner|, |frameOrigin|, and "`leave`". + 1. Let |permission| be the result of [=checking interest group permissions=] with |owner|, + |settings|, and "`leave`". 1. If |permission| is false, then [=queue a global task=] on [=DOM manipulation task source=], given |global|, to [=reject=] |p| with a "{{NotAllowedError}}" {{DOMException}} and abort these steps. 
@@ -637,8 +639,8 @@ partial interface Navigator { The clearOriginJoinedAdInterestGroups(|owner|, |interestGroupsToKeep|) method steps are: -1. Let |frameOrigin| be [=this=]'s [=relevant settings object=]'s - [=environment settings object/origin=]. +1. Let |settings| be [=this=]'s [=relevant settings object=]. +1. Let |frameOrigin| be |settings|'s [=environment settings object/origin=]. 1. [=Assert=] that |frameOrigin| is not an [=opaque origin=] and its [=origin/scheme=] is "`https`". 1. Let |p| be [=a new promise=]. 1. Let |global| be [=this=]'s [=relevant global object=]. @@ -651,7 +653,7 @@ method steps are: 1. If |ownerOrigin| is failure, [=exception/throw=] a {{TypeError}}. 1. Run these steps [=in parallel=]: 1. Let |permission| be the result of [=checking interest group permissions=] with - |ownerOrigin|, |frameOrigin|, and "`leave`". + |ownerOrigin|, |settings|, and "`leave`". 1. If |permission| is false, then [=queue a global task=] on the [=DOM manipulation task source=] given |global|, [=reject=] |p| with a "{{NotAllowedError}}" {{DOMException}} and abort these steps. 1. [=Queue a global task=] on the [=DOM manipulation task source=] given |global|, to [=resolve=] |p| 
@@ -768,10 +770,10 @@ The runAdAuction(|config|) method steps are: 1. [=AbortSignal/Add|Add the following abort steps=] to |signal|: 1. [=Reject=] |p| with |signal|’s [=AbortSignal/abort reason=]. 1. Run [=update bid counts=] with |bidIgs|. - 1. Run [=interest group update=] with |auctionConfig|'s - [=auction config/interest group buyers=]. -1. Let |frameOrigin| be |settings|'s [=environment settings object/origin=]. -1. [=Assert=] that |frameOrigin| is not an [=opaque origin=] and its [=origin/scheme=] is "`https`". + 1. Run [=interest group update=] with |auctionConfig|'s [=auction config/interest group buyers=] + and |settings|'s [=environment settings object/policy container=]. +1. [=Assert=] that |settings|'s [=environment settings object/origin=] is not an [=opaque origin=] + and its [=origin/scheme=] is "`https`". 1. Let |queue| be the result of [=starting a new parallel queue=]. 1. [=parallel queue/enqueue steps|Enqueue the following steps=] to |queue|: 1. Let |bidDebugReportInfoList| be a new [=list=] of [=bid debug reporting info=]. @@ -781,8 +783,7 @@ The runAdAuction(|config|) method steps are: 1. Otherwise: 1. Let |realTimeContributionsMap| be a new [=real time reporting contributions map=]. 1. Let |winnerInfo| be the result of running [=generate and score bids=] with |auctionConfig|, - null, |global|, |settings|'s [=environment/top-level origin=], |bidIgs|, - |bidDebugReportInfoList|, and |realTimeContributionsMap|. + null, |global|, |bidIgs|, |bidDebugReportInfoList|, and |realTimeContributionsMap|. 1. Let |auctionReportInfo| be a new [=auction report info=]. 1. If |winnerInfo| is not failure, then: 1. Set |auctionReportInfo| to the result of running [=collect forDebuggingOnly reports=] with 
@@ -796,13 +797,13 @@ The runAdAuction(|config|) method steps are: |p| with null. 1. [=list/For each=] |reportUrl| of |auctionReportInfo|'s [=auction report info/debug loss report urls=]: - 1. [=Send report=] with |reportUrl| and |frameOrigin|. + 1. [=Send report=] with |reportUrl| and |settings|. 1. [=Send real time reports=] with |auctionReportInfo|'s - [=auction report info/real time reporting contributions map=] and |frameOrigin|. + [=auction report info/real time reporting contributions map=] and |settings|. 1. Otherwise: 1. Let |winner| be |winnerInfo|'s [=leading bid info/leading bid=]. 1. Let |fencedFrameConfig| be the result of [=filling in a pending fenced frame config=] with - |pendingConfig|, |auctionConfig|, |winnerInfo|, |auctionReportInfo|, and |frameOrigin|. + |pendingConfig|, |auctionConfig|, |winnerInfo|, |auctionReportInfo|, and |settings|. 1. [=fenced frame config mapping/Finalize a pending config=] on |configMapping| with |urn| and |fencedFrameConfig|. 1. Wait until |auctionConfig|'s [=auction config/resolve to config=] is a boolean. @@ -810,7 +811,8 @@ The runAdAuction(|config|) method steps are: 1. If |auctionConfig|'s [=auction config/resolve to config=] is false, then set |result| to |urn|. 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to resolve |p| with |result|. - 1. Run [=interest group update=] with |auctionConfig|'s [=auction config/interest group buyers=]. + 1. Run [=interest group update=] with |auctionConfig|'s [=auction config/interest group buyers=] + and |settings|'s [=environment settings object/policy container=]. 1. Run [=update bid counts=] with |bidIgs|. 1. Run [=update previous wins=] with |winner|. 1. Return |p|. 
@@ -896,7 +898,7 @@ To construct a pending fenced frame config given an [=auction config= To fill in a pending fenced frame config given a [=fenced frame config=] |pendingConfig|, [=auction config=] |auctionConfig|, [=leading bid info=] |winningBidInfo|, -[=auction report info=] |auctionReportInfo|, and an [=origin=] |frameOrigin|: +[=auction report info=] |auctionReportInfo|, and an [=environment settings object=] |settings|: 1. Let |winningBid| be |winningBidInfo|'s [=leading bid info/leading bid=]. 1. Let |replacements| be an [=ordered map=] whose [=map/keys=] are [=strings=] and whose [=map/values=] are [=strings=]. @@ -968,7 +970,7 @@ To fill in a pending fenced frame config given a [=fenced frame confi [=fenced frame config/fenced frame reporting metadata=]'s [=fenced frame reporting metadata/value=]'s [=fenced frame reporting metadata/fenced frame reporting map=], |winningBidInfo|, - |auctionReportInfo| and |frameOrigin|. + |auctionReportInfo| and |settings|. 1. Let |adComponentDescriptorsWithReplacements| be a new [=list=] of [=ad descriptors=]. 1. If |winningBid|'s [=generated bid/ad component descriptors=] is not null: 1. [=list/For each=] |adComponentDescriptor| of |winningBid|'s @@ -990,7 +992,7 @@ To fill in a pending fenced frame config given a [=fenced frame confi To asynchronously finish reporting given a [=fencedframetype/fenced frame reporting map=] |reportingMap|, [=leading bid info=] |leadingBidInfo|, -[=auction report info=] |auctionReportInfo|, and an [=origin=] |frameOrigin|: +[=auction report info=] |auctionReportInfo|, and an [=environment settings object=] |settings|: 1. [=Increment a winning bid's k-anonymity count=] given |leadingBidInfo|'s [=leading bid info/leading bid=]. 1. If |leadingBidInfo|'s [=leading bid info/leading non-k-anon-enforced bid=] is not null, and |leadingBidInfo|'s [=leading bid info/leading non-k-anon-enforced bid=]'s [=generated bid/id=] 
@@ -1017,7 +1019,7 @@ To asynchronously finish reporting given a 1. [=Finalize a reporting destination=] with |reportingMap|, {{FenceReportingDestination/buyer}}, |buyerMap|, and |macroMap|. 1. [=Send report=] with |leadingBidInfo|'s [=leading bid info/buyer reporting result=]'s - [=reporting result/report url=] and |frameOrigin|. + [=reporting result/report url=] and |settings|. 1. Set |buyerDone| to true. 1. If |sellerDone| is false and |leadingBidInfo|'s [=leading bid info/seller reporting result=] is not null: @@ -1027,7 +1029,7 @@ To asynchronously finish reporting given a 1. [=Finalize a reporting destination=] with |reportingMap|, {{FenceReportingDestination/seller}}, and |sellerMap|. 1. [=Send report=] with |leadingBidInfo|'s [=leading bid info/seller reporting result=]'s - [=reporting result/report url=] and |frameOrigin|. + [=reporting result/report url=] and |settings|. 1. Set |sellerDone| to true. 1. If |componentSellerDone| is false and |leadingBidInfo|'s [=leading bid info/component seller reporting result=] is not null: 
@@ -1038,14 +1040,14 @@ To asynchronously finish reporting given a 1. [=Finalize a reporting destination=] with |reportingMap|, {{FenceReportingDestination/component-seller}}, and |componentSellerMap|. 1. [=Send report=] with |leadingBidInfo|'s [=leading bid info/component seller reporting result=]'s - [=reporting result/report url=] and |frameOrigin|. + [=reporting result/report url=] and |settings|. 1. Set |componentSellerDone| to true. 1. [=list/For each=] |reportUrl| of |auctionReportInfo|'s [=auction report info/debug win report urls=]: - 1. [=Send report=] with |report| and |frameOrigin|. + 1. [=Send report=] with |report| and |settings|. 1. [=list/For each=] |reportUrl| of |auctionReportInfo|'s [=auction report info/debug loss report urls=]: - 1. [=Send report=] with |report| and |frameOrigin|. + 1. [=Send report=] with |report| and |settings|. 1. [=Send real time reports=] with |auctionReportInfo|'s - [=auction report info/real time reporting contributions map=] and |frameOrigin|. + [=auction report info/real time reporting contributions map=] and |settings|. 
@@ -1567,8 +1569,8 @@ a [=string=] |auctionSignals|, a {{BiddingBrowserSignals}} |browserSignals|, a [ a {{DirectFromSellerSignalsForBuyer}} |directFromSellerSignalsForBuyer|, a [=duration=] |perBuyerTimeout| in milliseconds, a [=currency tag=] |expectedCurrency|, an {{unsigned short}} |multiBidLimit|, an [=interest group=] |ig|, and a [=moment=] |auctionStartTime|, and an -[=origin=] |frameOrigin|, perform the following steps. They return a failure if failing to fetch -the script or wasm, otherwise a [=tuple=] of ([=list=] of [=generated bids=], +[=environment settings object=] |settings|, perform the following steps. They return a failure if +failing to fetch the script or wasm, otherwise a [=tuple=] of ([=list=] of [=generated bids=], [=bid debug reporting info=], [=list=] of [=real time reporting contributions=]). 1. Let |igGenerateBid| be the result of [=building an interest group passed to generateBid=] with |ig|. @@ -1592,13 +1594,13 @@ the script or wasm, otherwise a [=tuple=] of ([=list=] of [=generated bids=], 1. [=list/Append=] |prevWinIDL| to |prevWins|. 1. [=map/Set=] |browserSignals|["{{BiddingBrowserSignals/prevWinsMs}}"] to |prevWins|. 1. Let |biddingScriptFetcher| be the result of [=creating a new script fetcher=] with - |ig|'s [=interest group/bidding url=], and |frameOrigin|. + |ig|'s [=interest group/bidding url=], and |settings|. 1. Let |biddingScript| be the result of [=waiting for script body from a fetcher=] given |biddingScriptFetcher|. 1. If |biddingScript| is failure, return failure. 1. If |ig|'s [=interest group/bidding wasm helper url=] is not null: 1. Let |wasmModuleObject| be the result of [=fetching WebAssembly=] with |ig|'s - [=interest group/bidding wasm helper url=] and |frameOrigin|. + [=interest group/bidding wasm helper url=] and |settings|. 1. If |wasmModuleObject| is not failure, then [=map/set=] |browserSignals|["{{BiddingBrowserSignals/wasmHelper}}"] to |wasmModuleObject|. 1. Otherwise, return failure. 
@@ -1630,17 +1632,16 @@ the script or wasm, otherwise a [=tuple=] of ([=list=] of [=generated bids=],
To generate and score bids given an [=auction config=] |auctionConfig|, an -[=auction config=]-or-null |topLevelAuctionConfig|, a [=global object=] |global|, an [=origin=] -|topLevelOrigin|, a [=list=] of [=interest groups=] |bidIgs|, a [=list=] of [=bid debug reporting info=] -|bidDebugReportInfoList|, and a [=real time reporting contributions map=] |realTimeContributionsMap|: +[=auction config=]-or-null |topLevelAuctionConfig|, a [=global object=] |global|, a [=list=] of +[=interest groups=] |bidIgs|, a [=list=] of [=bid debug reporting info=] |bidDebugReportInfoList|, +and a [=real time reporting contributions map=] |realTimeContributionsMap|: 1. [=Assert=] that these steps are running [=in parallel=]. 1. Let |settings| be |global|'s [=relevant settings object=]. -1. Let |frameOrigin| be |settings|'s [=environment settings object/origin=]. +1. Let |topLevelOrigin| be |settings|'s [=environment/top-level origin=]. 1. Let |seller| be |auctionConfig|'s [=auction config/seller=]. 1. Let |auctionStartTime| be the [=current wall time=]. 1. Let |decisionLogicFetcher| be the result of [=creating a new script fetcher=] with - |auctionConfig|'s [=auction config/decision logic url=] and |frameOrigin|. -1. Let |seller| be |auctionConfig|'s [=auction config/seller=]. + |auctionConfig|'s [=auction config/decision logic url=] and |settings|. 1. Let « |bidGenerators|, |negativeTargetInfo| » be the result of running [=build bid generators map=] with |auctionConfig|. 1. Let |leadingBidInfo| be a new [=leading bid info=]. 
@@ -1656,8 +1657,7 @@ To generate and score bids given an [=auction config=] |auctionConfig 1. [=list/For each=] |component| in |auctionConfig|'s [=auction config/component auctions=], [=parallel queue/enqueue steps|enqueue the following steps=] to |queue|: 1. Let |compWinnerInfo| be the result of running [=generate and score bids=] with |component|, - |auctionConfig|, |global|, |topLevelOrigin|, |bidIgs|, |bidDebugReportInfoList|, and - |realTimeContributionsMap|. + |auctionConfig|, |global|, |bidIgs|, |bidDebugReportInfoList|, and |realTimeContributionsMap|. 1. If |compWinnerInfo| is failure, return failure. 1. If [=recursively wait until configuration input promises resolve=] given |auctionConfig| returns failure, return failure. @@ -1676,7 +1676,7 @@ To generate and score bids given an [=auction config=] |auctionConfig is not null, then run [=score and rank a bid=] with |auctionConfig|, |compWinnerInfo|'s [=leading bid info/leading non-k-anon-enforced bid=], |leadingBidInfo|, |decisionLogicFetcher|, |topLevelDirectFromSellerSignalsForSeller|, null, - "top-level-auction", null, |topLevelOrigin| and |realTimeContributionsMap|.. + "top-level-auction", null, |topLevelOrigin|, and |realTimeContributionsMap|. 1. Decrement |pendingComponentAuctions| by 1. 1. Wait until |pendingComponentAuctions| is 0. 1. If |leadingBidInfo|'s [=leading bid info/leading bid=] is null, return null. @@ -1704,7 +1704,7 @@ To generate and score bids given an [=auction config=] |auctionConfig 1. Let « |sellerSignals|, |reportResultBrowserSignals| » be the result of running [=report result=] with |leadingBidInfo|, |directFromSellerSignalsForSeller|, null, and |global|. 1. Run [=report win=] with |leadingBidInfo|, |sellerSignals|, |reportResultBrowserSignals|, - |directFromSellerSignalsForBuyer|, and |frameOrigin|. + |directFromSellerSignalsForBuyer|, and |settings|. 1. Return |leadingBidInfo|. 1. If [=waiting until configuration input promises resolve=] given |auctionConfig| returns failure, 
@@ -1743,7 +1743,7 @@ To generate and score bids given an [=auction config=] |auctionConfig 1. [=list/For each=] |additionalBid| of |additionalBids|, run the following steps [=in parallel=]: 1. [=Score and rank a bid=] with |auctionConfig|, |additionalBid|, |leadingBidInfo|, |decisionLogicFetcher|, |directFromSellerSignalsForSeller|, null, |auctionLevel|, - |componentAuctionExpectedCurrency|, |topLevelOrigin| , and |realTimeContributionsMap|. + |componentAuctionExpectedCurrency|, |topLevelOrigin|, and |realTimeContributionsMap|. 1. Decrement |pendingAdditionalBids| by 1. 1. [=map/For each=] |buyer| → |perBuyerGenerator| of |bidGenerators|, [=parallel queue/enqueue steps|enqueue the following steps=] to |queue|: @@ -1802,7 +1802,8 @@ To generate and score bids given an [=auction config=] |auctionConfig 1. [=map/For each=] joiningOrigin → |groups| of |perSignalsUrlGenerator|: 1. [=list/For each=] |ig| of |groups|: 1. [=Batch or fetch trusted bidding signals=] given |trustedBiddingSignalsBatcher|, - |ig|, |signalsUrl|, |buyerExperimentGroupId|, |topLevelOrigin|, and |slotSizeQueryParam|. + |ig|, |signalsUrl|, |buyerExperimentGroupId|, |topLevelOrigin|, |slotSizeQueryParam|, + and |settings|'s [=environment settings object/policy container=]. 1. [=Fetch the current outstanding trusted signals batch=] given |trustedBiddingSignalsBatcher|, |signalsUrl|, |buyer|, |buyerExperimentGroupId|, |topLevelOrigin|, and |slotSizeQueryParam|. 1. [=Process updateIfOlderThanMs=] with |buyer|, and |trustedBiddingSignalsBatcher|'s 
@@ -1846,7 +1847,7 @@ To generate and score bids given an [=auction config=] |auctionConfig [=generate potentially multiple bids=] given |allTrustedBiddingSignals|, |crossOriginTrustedBiddingSignalsOrigin|, |auctionSignals|, a [=map/clone=] of |browserSignals|, |perBuyerSignals|, |directFromSellerSignalsForBuyer|, |perBuyerTimeout|, - |expectedCurrency|, |multiBidLimit|, |ig|, |auctionStartTime|, and |frameOrigin|. + |expectedCurrency|, |multiBidLimit|, |ig|, |auctionStartTime|, and |settings|. 1. If |generateBidResult| is failure, then: 1. If |optedInForRealTimeReporting| is true, then [=add a platform contribution=] with [=bidding script failure bucket=], |realTimeContributionsMap| and |buyer|. @@ -1892,7 +1893,7 @@ To generate and score bids given an [=auction config=] |auctionConfig of running [=generate potentially multiple bids=] with |allTrustedBiddingSignals|, |crossOriginTrustedBiddingSignalsOrigin|, |auctionSignals|, a [=map/clone=] of |browserSignals|, |perBuyerSignals|, |directFromSellerSignalsForBuyer|, |perBuyerTimeout|, |expectedCurrency|, - 1 (for multiBidLimit), |ig|, |auctionStartTime|, and |frameOrigin|. + 1 (for multiBidLimit), |ig|, |auctionStartTime|, and |settings|. Note: passing 1 for multiBidLimit limits the rerun to producing at most a single bid. @@ -1929,7 +1930,7 @@ To generate and score bids given an [=auction config=] |auctionConfig |leadingBidInfo|'s [=leading bid info/leading bid=]'s [=generated bid/interest group=]'s [=interest group/owner=]. 1. Run [=report win=] with |leadingBidInfo|, |sellerSignals|, |reportResultBrowserSignals|, - |directFromSellerSignalsForWinner|, and |frameOrigin|. + |directFromSellerSignalsForWinner|, and |settings|. 1. Let |replacements| be an [=ordered map=] whose [=map/keys=] are [=strings=] and whose [=map/values=] are [=strings=]. 1. [=list/For each=] [=ad keyword replacement=], |replacement|, within @@ -2010,7 +2011,8 @@ To convert to an AuctionAd sequence given a [=list=]-or-null |ads|:
To fetch and decode trusted scoring signals given an [=auction config=] |auctionConfig|, a [=generated bid=] |generatedBid|, a [=script fetcher=] |decisionLogicFetcher|, an [=origin=] -|topLevelOrigin|, and a [=real time reporting contributions map=] |realTimeContributionsMap|: +|topLevelOrigin|, a [=real time reporting contributions map=] |realTimeContributionsMap|, and a +[=policy container=] |policyContainer|: 1. Let |crossOriginTrustedScoringSignalsOrigin| be null. 1. Let |sameOriginTrustedScoringSignals| be null. @@ -2060,7 +2062,7 @@ a [=generated bid=] |generatedBid|, a [=script fetcher=] |decisionLogicFetcher|, 1. Let |allTrustedScoringSignals| be null. 1. Set «|allTrustedScoringSignals|, ignored, |scoringDataVersion|» to the result of [=fetching trusted signals=] - with |fullSignalsUrl|, |auctionConfig|'s [=auction config/seller=], and false. + with |fullSignalsUrl|, |auctionConfig|'s [=auction config/seller=], |policyContainer|, and false. 1. If |allTrustedScoringSignals| is null, and |auctionConfig|'s [=auction config/seller real time reporting config=] is "`default-local-reporting`",then: 1. [=Add a platform contribution=] with [=trusted scoring signals failure bucket=], @@ -2330,7 +2332,7 @@ To validate fetching response given a [=response=] |response|, null,
-To fetch WebAssembly given a [=URL=] |url| and an [=origin=] |frameOrigin|: +To fetch WebAssembly given a [=URL=] |url| and an [=environment settings object=] |settings|: 1. Let |request| be a new [=request=] with the following properties: : [=request/URL=] @@ -2340,7 +2342,7 @@ To fetch WebAssembly given a [=URL=] |url| and an [=origin=] |frameOr : [=request/client=] :: `null` : [=request/origin=] - :: |frameOrigin| + :: |settings|'s [=environment settings object/origin=] : [=request/mode=] :: "`no-cors`" : [=request/referrer=] @@ -2349,6 +2351,9 @@ To fetch WebAssembly given a [=URL=] |url| and an [=origin=] |frameOr :: "`omit`" : [=request/redirect mode=] :: "`error`" + : [=request/policy container=] + :: A new [=policy container=] whose [=policy container/IP address space=] is |settings|'s + [=environment settings object/policy container=]'s [=policy container/IP address space=] Issue: One of the side-effects of a `null` client for this subresource request is it neuters all service worker interceptions, despite not having to set the service workers mode. @@ -2373,8 +2378,8 @@ The X-fledge-bidding-signals-format-version is a [=structured header=] whose value must be an [=structured header/integer=].
-To fetch trusted signals given a [=URL=] |url|, an [=origin=] |scriptOrigin|, -and a [=boolean=] |isBiddingSignal|: +To fetch trusted signals given a [=URL=] |url|, an [=origin=] |scriptOrigin|, a +[=policy container=] |policyContainer|, and a [=boolean=] |isBiddingSignal|: 1. Let |request| be a new [=request=] with the following properties: : [=request/URL=] @@ -2393,6 +2398,9 @@ and a [=boolean=] |isBiddingSignal|: :: "`omit`" : [=request/redirect mode=] :: "`error`" + : [=request/policy container=] + :: A new [=policy container=] whose [=policy container/IP address space=] is |policyContainer|'s + [=policy container/IP address space=] Issue: One of the side-effects of a `null` client for this subresource request is it neuters all service worker interceptions, despite not having to set the service workers mode. @@ -2563,7 +2571,7 @@ Note: When trusted scoring signals fetches are not batched, |renderURLs|'s [=lis
-To send report given a [=URL=] |url|, and an [=origin=] |frameOrigin|: +To send report given a [=URL=] |url|, and an [=environment settings object=] |settings|: 1. Let |request| be a new [=request=] with the following properties: : [=request/URL=] @@ -2571,7 +2579,7 @@ To send report given a [=URL=] |url|, and an [=origin=] |frameOrigin| : [=request/client=] :: `null` : [=request/origin=] - :: |frameOrigin| + :: |settings|'s [=environment settings object/origin=] : [=request/mode=] :: "`no-cors`" : [=request/referrer=] @@ -2580,6 +2588,9 @@ To send report given a [=URL=] |url|, and an [=origin=] |frameOrigin| :: "`omit`" : [=request/redirect mode=] :: "`error`" + : [=request/policy container=] + :: A new [=policy container=] whose [=policy container/IP address space=] is |settings|'s + [=environment settings object/policy container=]'s [=policy container/IP address space=] Issue: One of the side-effects of a `null` client for this subresource request is it neuters all service worker interceptions, despite not having to set the service workers mode. @@ -2710,8 +2721,7 @@ To report result given a [=leading bid info=] |leadingBidInfo|, a |browserSignals|["{{ReportingBrowserSignals/buyerAndSellerReportingId}}"] to |igAd|'s [=interest group ad/buyer and seller reporting ID=]. 1. Let |sellerReportingScriptFetcher| be the result of [=creating a new script fetcher=] with - |config|'s [=auction config/decision logic url=] and |global|'s [=relevant settings object=]'s - [=environment settings object/origin=]. + |config|'s [=auction config/decision logic url=] and |global|'s [=relevant settings object=]. 1. Let |sellerReportingScript| be the result of [=waiting for script body from a fetcher=] given |sellerReportingScriptFetcher|. 1. Let « |sellerSignals|, |reportUrl|, |reportingBeaconMap|, ignored » be the result of @@ -2742,7 +2752,7 @@ To report result given a [=leading bid info=] |leadingBidInfo|, a
To report win given a [=leading bid info=] |leadingBidInfo|, a [=string=] |sellerSignals|, a {{ReportingBrowserSignals}} |browserSignals|, a [=direct from seller signals=]-or-null -|directFromSellerSignals|, and an [=origin=] |frameOrigin|: +|directFromSellerSignals|, and an [=environment settings object=] |settings|: 1. Let |config| be |leadingBidInfo|'s [=leading bid info/auction config=]. 1. Let |winner| be |leadingBidInfo|'s [=leading bid info/leading bid=]. @@ -2782,7 +2792,7 @@ a {{ReportingBrowserSignals}} |browserSignals|, a [=direct from seller signals=] 1. Otherwise, [=map/Set=] |reportWinBrowserSignals|["{{ReportWinBrowserSignals/interestGroupName}}"] to |winner|'s [=generated bid/interest group=] [=interest group/name=]. 1. Let |buyerReportingScriptFetcher| be the result of [=creating a new script fetcher=] with - |winner|'s [=generated bid/interest group=]'s [=interest group/bidding url=] and |frameOrigin|. + |winner|'s [=generated bid/interest group=]'s [=interest group/bidding url=] and |settings|. 1. Let |buyerReportingScript| be the result of [=waiting for script body from a fetcher=] given |buyerReportingScriptFetcher|. 1. Let |reportFunctionName| be "`reportWin`". @@ -3283,7 +3293,7 @@ Initial implementation of this specification defines
To send a real time report given a [=URL=] |url|, a [=list=] of [=booleans=] - |histogram|, and an [=origin=] |frameOrigin|: + |histogram|, and an [=environment settings object=] |settings|: 1. Let |totalBuckets| be the sum of [=number of user buckets=] and [=number of platform buckets=]. 1. [=Assert=] |histogram|'s [=list/size=] is |totalBuckets|. @@ -3320,7 +3330,7 @@ Initial implementation of this specification defines : [=request/client=] :: `null` : [=request/origin=] - :: |frameOrigin| + :: |settings|'s [=environment settings object/origin=] : [=request/mode=] :: "`no-cors`" : [=request/referrer=] @@ -3329,6 +3339,9 @@ Initial implementation of this specification defines :: "`omit`" : [=request/redirect mode=] :: "`error`" + : [=request/policy container=] + :: A new [=policy container=] whose [=policy container/IP address space=] is |settings|'s + [=environment settings object/policy container=]'s [=policy container/IP address space=] Issue: One of the side-effects of a `null` client for this subresource request is it neuters all service worker interceptions, despite not having to set the service workers mode. @@ -3340,7 +3353,7 @@ Initial implementation of this specification defines
To send real time reports given a [=real time reporting contributions map=] - |contributionsMap| and an [=origin=] |frameOrigin|: + |contributionsMap| and an [=environment settings object=] |settings|: 1. [=map/For each=] |origin| → |contributions| of |contributionsMap|: 1. Let |maybeBucket| be the result of [=sampling real time contributions=] with |contributions|. @@ -3354,7 +3367,7 @@ Initial implementation of this specification defines :: |origin|'s [=origin/port=] : [=url/path=] :: « ".well-known", "interest-group", "real-time-report" » - 1. [=Send a real time report=] with |reportUrl|, |histogram| and |frameOrigin|. + 1. [=Send a real time report=] with |reportUrl|, |histogram| and |settings|. Issue: TODO: Spec rate limiting. (WICG/turtledove#1215) @@ -4836,13 +4849,14 @@ partial interface Navigator { The updateAdInterestGroups() method steps are: -1. [=In parallel=], run [=interest group update=] with - « [=relevant settings object=]'s [=environment/top-level origin=] » +1. Let |settings| be [=this=]'s [=relevant settings object=]. +1. [=In parallel=], run [=interest group update=] with « |settings|'s [=environment/top-level origin=] », + and |settings|'s [=environment settings object/policy container=].
To update interest groups given a [=list=] of [=origins=] - |owners|: + |owners|, and a [=policy container=] |policyContainer|: Implementations can consider aborting all updating if updating has been running for too long. This can avoid continuing to reveal coarse IP location information to update servers long after @@ -4874,6 +4888,9 @@ navigating to another page. Some implementations, such as Chromium, have chosen :: "`omit`" : [=request/redirect mode=] :: "`error`" + : [=request/policy container=] + :: A new [=policy container=] whose [=policy container/IP address space=] is |policyContainer|'s + [=policy container/IP address space=] Issue: One of the side-effects of a `null` client for this subresource request is it neuters all service worker interceptions, despite not having to set the service workers mode. @@ -5366,8 +5383,8 @@ Issue: Move from "`*`" to "`self`"
-To check interest group permissions given an [=origin=] |ownerOrigin|, an [=origin=] -|frameOrigin|, and an enum |joinOrLeave| which is "`join`" or "`leave`": +To check interest group permissions given an [=origin=] |ownerOrigin|, an +[=environment settings object=] |settings|, and an enum |joinOrLeave| which is "`join`" or "`leave`": 1. If |ownerOrigin| is [=same origin=] with |frameOrigin|, then return true. 1. Let |encodedFrameOrigin| be the result of [=string/UTF-8 percent-encoding=] the [=serialization of an origin|serialized=] |frameOrigin| using [=component percent-encode set=]. @@ -5388,9 +5405,9 @@ To check interest group permissions given an [=origin=] |ownerOrigin| : [=request/header list=] :: «`Accept`: `application/json`» : [=request/client=] - :: `null` + :: |settings| : [=request/origin=] - :: |frameOrigin| + :: "`client`" : [=request/mode=] :: "`cors`" : [=request/referrer=] @@ -5399,9 +5416,11 @@ To check interest group permissions given an [=origin=] |ownerOrigin| :: "`omit`" : [=request/redirect mode=] :: "`error`" + : [=request/service-workers mode=] + :: `none` + : [=request/policy container=] + :: "`client`" - Issue: One of the side-effects of a `null` client for this subresource request is it neuters all - service worker interceptions, despite not having to set the service workers mode. 1. Let |resource| be null. 1. [=Fetch=] |request| with [=fetch/useParallelQueue=] set to true, and [=fetch/processResponseConsumeBody=] set to the following steps given a [=response=] |response| @@ -6367,12 +6386,13 @@ headers. It's a [=struct=] with the following [=struct/items=]:
-To create a new script fetcher given a [=URL=] |url| and an [=origin=] |frameOrigin|: +To create a new script fetcher given a [=URL=] |url| and an [=environment settings object=] +|settings|: 1. Let |fetcher| be a new [=script fetcher=]. 1. Let |queue| be the result of [=starting a new parallel queue=]. 1. [=parallel queue/enqueue steps|Enqueue the following steps=] to |queue|: - 1. [=Fetch script=] given |url|, |frameOrigin| and |fetcher|. + 1. [=Fetch script=] given |url|, |settings| and |fetcher|. 1. Return |fetcher|.
@@ -6387,7 +6407,7 @@ To wait for script body from a fetcher given a [=script fetcher=] |fe To wait for cross origin trusted scoring signals authorization from a fetcher given a [=script fetcher=] |fetcher|: - 1. Wait until |fetcher|'s [=script fetcher/origins authorized for cross origin trusted signals=]. + 1. Wait until |fetcher|'s [=script fetcher/origins authorized for cross origin trusted signals=] is not null. 1. Return |fetcher|'s [=script fetcher/origins authorized for cross origin trusted signals=].
@@ -6412,8 +6432,8 @@ To parse allowed trusted scoring signals origins given a [=header lis
-To fetch script given a [=URL=] |url|, an [=origin=] |frameOrigin|, and a -[=script fetcher=] |fetcher|: +To fetch script given a [=URL=] |url|, an [=environment settings object=] |settings|, and +a [=script fetcher=] |fetcher|: 1. Let |request| be a new [=request=] with the following properties: : [=request/URL=] :: |url| @@ -6422,7 +6442,7 @@ To fetch script given a [=URL=] |url|, an [=origin=] |frameOrigin|, a : [=request/client=] :: `null` : [=request/origin=] - :: |frameOrigin| + :: |settings|'s [=environment settings object/origin=] : [=request/mode=] :: "`no-cors`" : [=request/referrer=] @@ -6431,6 +6451,9 @@ To fetch script given a [=URL=] |url|, an [=origin=] |frameOrigin|, a :: "`omit`" : [=request/redirect mode=] :: "`error`" + : [=request/policy container=] + :: A new [=policy container=] whose [=policy container/IP address space=] is |settings|'s + [=environment settings object/policy container=]'s [=policy container/IP address space=] Issue: One of the side-effects of a `null` client for this subresource request is it neuters all service worker interceptions, despite not having to set the service workers mode. @@ -6455,10 +6478,10 @@ To fetch script given a [=URL=] |url|, an [=origin=] |frameOrigin|, a 1. If [=validate fetching response mime and body=] with |response|, |responseBody| and "`text/javascript`" returns false, set |fetcher|'s [=script fetcher/script body=] to failure. - 1. Otherwise, set set |fetcher|'s [=script fetcher/script body=] to |responseBody|. + 1. Otherwise, set |fetcher|'s [=script fetcher/script body=] to |responseBody|. 1. Let |failureSteps| be a set of steps that take an [=exception=] e, and perform the following: - 1. Set set |fetcher|'s [=script fetcher/script body=] to failure. + 1. Set |fetcher|'s [=script fetcher/script body=] to failure. 1. [=ReadableStreamDefaultReader/Read all bytes=] from |bodyReader|, given |successSteps| and |failureSteps|.
@@ -6533,8 +6556,8 @@ To append to a bidding signals per-interest group data map given an [
To fetch the current outstanding trusted signals batch given a [=trusted bidding signals batcher=] |trustedBiddingSignalsBatcher|, a [=URL=] |signalsUrl|, -an [=origin=] |scriptOrigin|, an {{unsigned short}}-or-null |experimentGroupId|, -an [=origin=] |topLevelOrigin|, and a [=string=] |slotSizeQueryParam|: +an [=origin=] |scriptOrigin|, an {{unsigned short}}-or-null |experimentGroupId|, an [=origin=] +|topLevelOrigin|, a [=string=] |slotSizeQueryParam|, and a [=policy container=] |policyContainer|: 1. If |signalsUrl| is null, return. 1. Let |biddingSignalsUrl| be the result of [=building trusted bidding signals url=] with @@ -6542,7 +6565,8 @@ an [=origin=] |topLevelOrigin|, and a [=string=] |slotSizeQueryParam|: |trustedBiddingSignalsBatcher|'s [=trusted bidding signals batcher/ig names=], |experimentGroupId|, |topLevelOrigin|, and |slotSizeQueryParam|. 1. Let « |partialTrustedBiddingSignals|, |partialPerInterestGroupData|, |dataVersion| » be the - result of [=fetching trusted signals=] with |biddingSignalsUrl|, |scriptOrigin|, and true. + result of [=fetching trusted signals=] with |biddingSignalsUrl|, |scriptOrigin|, + |policyContainer| and true. 1. If |partialTrustedBiddingSignals| is not null: 1. [=map/For each=] |key| → |value| in |partialTrustedBiddingSignals|, [=map/set=] |trustedBiddingSignalsBatcher|'s [=trusted bidding signals batcher/all trusted bidding @@ -6563,9 +6587,9 @@ an [=origin=] |topLevelOrigin|, and a [=string=] |slotSizeQueryParam|:
To batch or fetch trusted bidding signals given a [=trusted bidding signals batcher=] -|trustedBiddingSignalsBatcher|, [=interest group=] |ig|, a [=URL=] |signalsUrl|, -an [=origin=] |scriptOrigin| an {{unsigned short}}-or-null |experimentGroupId|, -an [=origin=] |topLevelOrigin|, and a [=string=] |slotSizeQueryParam|: +|trustedBiddingSignalsBatcher|, [=interest group=] |ig|, a [=URL=] |signalsUrl|, an [=origin=] +|scriptOrigin|, an {{unsigned short}}-or-null |experimentGroupId|, an [=origin=] |topLevelOrigin|, a +[=string=] |slotSizeQueryParam|, and a [=policy container=] |policyContainer|: 1. Let |igName| be |ig|'s [=interest group/name=]. 1. If |signalsUrl| is null: @@ -6604,7 +6628,8 @@ an [=origin=] |topLevelOrigin|, and a [=string=] |slotSizeQueryParam|: |putativeLengthLimit|. 1. Otherwise: 1. [=Fetch the current outstanding trusted signals batch=] given |trustedBiddingSignalsBatcher|, - |signalsUrl|, |scriptOrigin|, |experimentGroupId|, |topLevelOrigin|, |slotSizeQueryParam|. + |signalsUrl|, |scriptOrigin|, |experimentGroupId|, |topLevelOrigin|, |slotSizeQueryParam|, and + |policyContainer|. 1. If |ig|'s [=interest group/trusted bidding signals keys=] is not null, set |trustedBiddingSignalsBatcher|'s [=trusted bidding signals batcher/keys=] to a [=list/clone=] of |ig|'s [=interest group/trusted bidding signals keys=].
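Review bot: In the "check interest group permissions" hunk, |frameOrigin| is no longer a parameter after the signature changes to take an [=environment settings object=] |settings|, but the first steps still read "If |ownerOrigin| is [=same origin=] with |frameOrigin|, then return true." and "Let |encodedFrameOrigin| be the result of ... the [=serialization of an origin|serialized=] |frameOrigin| ...". Add a step at the top of the algorithm, e.g. "1. Let |frameOrigin| be |settings|'s [=environment settings object/origin=].", so the variable is defined. Minor style point in the same hunk: the new "[=request/service-workers mode=] :: `none`" entry should be written "`none`" with quotes to match the other enum values in the request definition ("`cors`", "`omit`", "`error`").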
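Review bot: In the "fetch script" hunk the request keeps "[=request/client=] :: `null`" and the Issue text about a `null` client neutering service worker interceptions is left in place, whereas the "check interest group permissions" hunk in the same patch resolves that Issue by setting "[=request/service-workers mode=] :: `none`" and deleting the note. Either apply the same service-workers mode change here (and to the "update interest groups" request, which has the same Issue text and the same `null` client) or keep the Issue but state why the script fetch is intentionally handled differently. Also worth documenting in the hunk: the new policy container copies only the [=policy container/IP address space=] from |settings|'s policy container, leaving the CSP list, referrer policy and embedder policy at their defaults; a short note that this is deliberate (as the commit message says, "unset embedder policy, but set ip address space") would save readers from reading it as an oversight.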
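Review bot: In the "fetch the current outstanding trusted signals batch" hunk, the call "result of [=fetching trusted signals=] with |biddingSignalsUrl|, |scriptOrigin|, |policyContainer| and true" inserts |policyContainer| before the existing boolean argument, so the definition of "fetching trusted signals" must take the new parameter in that same position; that definition is not among the visible hunks, so please confirm it is updated in this patch and that every other caller of "fetching trusted signals" (not only the bidding-signals path shown here) passes a policy container, otherwise the argument lists will no longer match. The caller in "batch or fetch trusted bidding signals" is updated consistently, and the missing comma after |scriptOrigin| in its parameter list is a welcome fix.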