From e98524bdc168b4d2f4e3c62675da7225164c0dde Mon Sep 17 00:00:00 2001 From: Dan McArdle Date: Thu, 9 Jan 2025 16:59:48 -0500 Subject: [PATCH 1/5] [spec] Enable per-context contribution limits for Private Aggregation The goal is to enable Shared Storage embedders to override the default number of contributions per Private Aggregation report. To that end, this change adds the `maxContributions` field to the web-visible Private Aggregation config dictionary and plumbs its value into Private Aggregation's "pre-specified report parameters". Context: * Explainer: patcg-individual-drafts/private-aggregation-api#146 * Spec change: patcg-individual-drafts/private-aggregation-api#164 --- spec.bs | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/spec.bs b/spec.bs index 3958e4c..a60c3a3 100644 --- a/spec.bs +++ b/spec.bs @@ -133,6 +133,7 @@ spec: private-aggregation-api; urlPrefix: https://patcg-individual-drafts.github for: pre-specified report parameters text: context ID text: filtering ID max bytes + text: max contributions text: batching scope text: debug scope text: process contributions for a batching scope @@ -579,11 +580,20 @@ Moreover, each {{SharedStorageWorklet}}'s [=global scopes|list of global scopes= 1. If |filteringIdMaxBytes| is not the [=default filtering ID max bytes=] or |contextId| is not null, return a new {{DOMException}} with name "`DataError`". + 1. Let |maxContributions| be null. + 1. If + |privateAggregationConfig|["{{SharedStoragePrivateAggregationConfig/maxContributions}}"] + [=map/exists=], set |maxContributions| to + |privateAggregationConfig|["{{SharedStoragePrivateAggregationConfig/maxContributions}}"]. + 1. If |maxContributions| is zero, return a new {{DOMException}} with name + "`DataError`". 1. Return a new [=pre-specified report parameters=] with the items: : context ID :: |contextId| : [=pre-specified report parameters/filtering ID max bytes=] :: |filteringIdMaxBytes| + : [=pre-specified report parameters/max contributions=] + :: |maxContributions|
@@ -1604,6 +1614,7 @@ On the other hand, methods for getting data from the [=shared storage database=] USVString aggregationCoordinatorOrigin; USVString contextId; [EnforceRange] unsigned long long filteringIdMaxBytes; + [EnforceRange] unsigned long long maxContributions; }; dictionary SharedStorageRunOperationMethodOptions { From 1a02d28600282b4bb9db8007d20a857ef26a6817 Mon Sep 17 00:00:00 2001 From: Jeffrey Yasskin Date: Tue, 21 Jan 2025 10:00:18 -0800 Subject: [PATCH 2/5] Avoid exporting duplicate Lock-related definitions from monkeypatches. (#212) --- spec.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec.bs b/spec.bs index 3958e4c..b3dd352 100644 --- a/spec.bs +++ b/spec.bs @@ -2343,12 +2343,12 @@ SharedStorageWorkletNavigator includes NavigatorLocks; The {{LockManager}} and {{Lock}} are additionally exposed to SharedStorageWorklet: - +<xmp class='idl' noexport> [SecureContext, Exposed=(Window,Worker,SharedStorageWorklet)] interface LockManager {}; - +<xmp class='idl' noexport> [SecureContext, Exposed=(Window,Worker,SharedStorageWorklet)] interface Lock {}; From 893ade0da9c0fd7090e8c45428a2005df3b2f90e Mon Sep 17 00:00:00 2001 From: Andrew Verge Date: Wed, 22 Jan 2025 10:02:47 -0500 Subject: [PATCH 3/5] Re-enable builds for PRs in build.yml PR-Preview is currently [broken](https://github.com/tobie/pr-preview/issues/161) with no fix ETA, so there's no spec builds occurring for new PRs. There should probably be some build checks in place, even if we can't immediately see a preview for them. --- .github/workflows/build.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bbee369..2d3614d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,5 +1,10 @@ name: Build on: + pull_request: + branches: + - main + paths: + - "**.bs" push: branches: [main] paths: ["**.bs"] From 4ad1b417a27cf769f8a24bd18c345d0da4645d44 Mon Sep 17 00:00:00 2001 From: Andrew Verge Date: Wed, 22 Jan 2025 10:26:30 -0500 Subject: [PATCH 4/5] Fix formatting --- .github/workflows/build.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2d3614d..7e6684b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,10 +1,8 @@ name: Build on: pull_request: - branches: - - main - paths: - - "**.bs" + branches: [main] + paths: ["**.bs"] push: branches: [main] paths: ["**.bs"] From 142b73557b647b6c41cbf6607a20af777ca7ffac Mon Sep 17 00:00:00 2001 From: Dan McArdle Date: Tue, 28 Jan 2025 09:38:46 -0500 Subject: [PATCH 5/5] [spec] Fix syntax errors detected by bikeshed 5.0.0 This addresses the following errors by adding missing `
` opening tags: LINE 1519: Saw an end tag
, but there's no open element corresponding to it. LINE 1540: Saw an end tag
, but there's no open element corresponding to it. LINE 1559: Saw an end tag , but there's no open element corresponding to it. Next, the following error appeared, which revealed we've been using the wrong linking syntax for `this` on line 1561 and in many other places. LINE 1561: The var 'this' (in algorithm 'SharedStorageClearMethod()' for SharedStorageClearMethod) is only used once. --- spec.bs | 37 ++++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/spec.bs b/spec.bs index 7315728..66d7ec6 100644 --- a/spec.bs +++ b/spec.bs @@ -703,12 +703,12 @@ Moreover, each {{SharedStorageWorklet}}'s [=global scopes|list of global scopes= The {{Worklet/addModule()}} method steps for {{Worklet}} will need to include the following step before the step "Let |promise| be a new promise": - 4. If |this| is of type {{SharedStorageWorklet}}: - 1. Let |addModuleAllowedResult| be the result of running [=check if addModule is allowed and update state=] given |this| and moduleURLRecord. + 4. If [=this=] is of type {{SharedStorageWorklet}}: + 1. Let |addModuleAllowedResult| be the result of running [=check if addModule is allowed and update state=] given [=this=] and moduleURLRecord. 1. If |addModuleAllowedResult| is "DisallowedDueToNonPreferenceError": 1. Return [=a promise rejected with=] a {{TypeError}}. 1. Else if |addModuleAllowedResult| is "DisallowedDueToPreferenceError": - 1. If |this|'s [=SharedStorageWorklet/has cross-origin data origin=] is false, then return [=a promise rejected with=] a {{TypeError}}. + 1. If [=this=]'s [=SharedStorageWorklet/has cross-origin data origin=] is false, then return [=a promise rejected with=] a {{TypeError}}. 1. Else: 1. [=Assert=]: |addModuleAllowedResult| is "Allowed". @@ -722,7 +722,7 @@ Moreover, each {{SharedStorageWorklet}}'s [=global scopes|list of global scopes= After the step "Let addedSuccessfully be false", we need to include the following step: - 4. If |this| is of type {{SharedStorageWorklet}}, [=SharedStorageWorklet/has cross-origin data origin=] is true, and [=SharedStorageWorklet/data origin=] is not `"script-origin"`: + 4. If [=this=] is of type {{SharedStorageWorklet}}, [=SharedStorageWorklet/has cross-origin data origin=] is true, and [=SharedStorageWorklet/data origin=] is not `"script-origin"`: 1. [=Assert=] |pendingTasks| is 1. 1. Set |pendingTasks| to 2. 1. [=Queue a global task=] on the [=networking task source=] given workletGlobalScope to perform the following steps: @@ -758,7 +758,7 @@ Moreover, each {{SharedStorageWorklet}}'s [=global scopes|list of global scopes= 1. Abort these steps. 1. Let |doesMatch| be the result of running [=check for script and context origin match=] on |item|[`scriptOrigin`], moduleURLRecord's [=url/origin=], |item|[`contextOrigin`], and |outsideSettings|'s [=environment settings object/origin=]. 1. If |doesMatch| is true: - 1. [=Queue a global task=] on the [=networking task source=] given |this|'s [=relevant global object=] to perform the following steps: + 1. [=Queue a global task=] on the [=networking task source=] given [=this=]'s [=relevant global object=] to perform the following steps: 1. If |pendingTasks| is not −1, then: 1. Set |pendingTasks| to |pendingTasks| − 1. 1. If |pendingTasks| is 0, perform the following steps: @@ -779,9 +779,9 @@ Moreover, each {{SharedStorageWorklet}}'s [=global scopes|list of global scopes= Just before the final step, currently "Return promise.", add the following step: - 7. If |this| is a {{SharedStorageWorklet}}, [=upon fulfillment=] of |promise| or + 7. If [=this=] is a {{SharedStorageWorklet}}, [=upon fulfillment=] of |promise| or [=upon rejection=] of |promise|, run the following steps: - 1. Let |globalScopes| be |this|'s [=Worklet/global scopes=]. + 1. Let |globalScopes| be [=this=]'s [=Worklet/global scopes=]. 1. [=Assert=]: |globalScopes|' [=list/size=] equals 1. 1. Let |privateAggregationObj| be |globalScopes|[0]'s {{SharedStorageWorkletGlobalScope/privateAggregation}}. @@ -1487,14 +1487,15 @@ A {{SharedStorageDeleteMethod}} has the following associated fields: 1. Let |environment| be |context|'s [=active window=]'s [=relevant settings object=]. 1. Let |databaseMap| be the result of running [=obtain a shared storage bottle map=] given |environment| and |environment|'s [=environment settings object/origin=]. 1. If |databaseMap| is failure, throw a {{TypeError}}. - 1. Set |this|'s [=SharedStorageSetMethod/key=] to |key|. - 1. Set |this|'s [=SharedStorageSetMethod/value=] to |value|. - 1. Set |this|'s [=SharedStorageSetMethod/ignore if present=] to |options|["{{SharedStorageSetMethodOptions/ignoreIfPresent}}"]. + 1. Set [=this=]'s [=SharedStorageSetMethod/key=] to |key|. + 1. Set [=this=]'s [=SharedStorageSetMethod/value=] to |value|. + 1. Set [=this=]'s [=SharedStorageSetMethod/ignore if present=] to |options|["{{SharedStorageSetMethodOptions/ignoreIfPresent}}"]. 1. If |options|["{{SharedStorageModifierMethodOptions/withLock}}"] [=map/exists=]: 1. If |options|["{{SharedStorageModifierMethodOptions/withLock}}"] starts with U+002D HYPHEN-MINUS (-), throw a {{TypeError}}. - 1. Set |this|'s [=SharedStorageModifierMethod/with lock=] to |options|["{{SharedStorageModifierMethodOptions/withLock}}"]. + 1. Set [=this=]'s [=SharedStorageModifierMethod/with lock=] to |options|["{{SharedStorageModifierMethodOptions/withLock}}"]. +
The new SharedStorageAppendMethod(|key|, |value|, |options|) constructor steps are: 1. Let |globalObject| be the [=current realm=]'s [=global object=]. @@ -1511,13 +1512,14 @@ A {{SharedStorageDeleteMethod}} has the following associated fields: 1. Let |environment| be |context|'s [=active window=]'s [=relevant settings object=]. 1. Let |databaseMap| be the result of running [=obtain a shared storage bottle map=] given |environment| and |environment|'s [=environment settings object/origin=]. 1. If |databaseMap| is failure, throw a {{TypeError}}. - 1. Set |this|'s [=SharedStorageAppendMethod/key=] to |key|. - 1. Set |this|'s [=SharedStorageAppendMethod/value=] to |value|. + 1. Set [=this=]'s [=SharedStorageAppendMethod/key=] to |key|. + 1. Set [=this=]'s [=SharedStorageAppendMethod/value=] to |value|. 1. If |options|["{{SharedStorageModifierMethodOptions/withLock}}"] [=map/exists=]: 1. If |options|["{{SharedStorageModifierMethodOptions/withLock}}"] starts with U+002D HYPHEN-MINUS (-), throw a {{TypeError}}. - 1. Set |this|'s [=SharedStorageModifierMethod/with lock=] to |options|["{{SharedStorageModifierMethodOptions/withLock}}"]. + 1. Set [=this=]'s [=SharedStorageModifierMethod/with lock=] to |options|["{{SharedStorageModifierMethodOptions/withLock}}"].
+
The new SharedStorageAppendMethod(|key|, |options|) constructor steps are: 1. Let |globalObject| be the [=current realm=]'s [=global object=]. @@ -1533,12 +1535,13 @@ A {{SharedStorageDeleteMethod}} has the following associated fields: 1. Let |environment| be |context|'s [=active window=]'s [=relevant settings object=]. 1. Let |databaseMap| be the result of running [=obtain a shared storage bottle map=] given |environment| and |environment|'s [=environment settings object/origin=]. 1. If |databaseMap| is failure, throw a {{TypeError}}. - 1. Set |this|'s [=SharedStorageDeleteMethod/key=] to |key|. + 1. Set [=this=]'s [=SharedStorageDeleteMethod/key=] to |key|. 1. If |options|["{{SharedStorageModifierMethodOptions/withLock}}"] [=map/exists=]: 1. If |options|["{{SharedStorageModifierMethodOptions/withLock}}"] starts with U+002D HYPHEN-MINUS (-), throw a {{TypeError}}. - 1. Set |this|'s [=SharedStorageModifierMethod/with lock=] to |options|["{{SharedStorageModifierMethodOptions/withLock}}"]. + 1. Set [=this=]'s [=SharedStorageModifierMethod/with lock=] to |options|["{{SharedStorageModifierMethodOptions/withLock}}"].
+
The new SharedStorageClearMethod(|options|) constructor steps are: 1. Let |globalObject| be the [=current realm=]'s [=global object=]. @@ -1555,7 +1558,7 @@ A {{SharedStorageDeleteMethod}} has the following associated fields: 1. If |databaseMap| is failure, throw a {{TypeError}}. 1. If |options|["{{SharedStorageModifierMethodOptions/withLock}}"] [=map/exists=]: 1. If |options|["{{SharedStorageModifierMethodOptions/withLock}}"] starts with U+002D HYPHEN-MINUS (-), throw a {{TypeError}}. - 1. Set |this|'s [=SharedStorageModifierMethod/with lock=] to |options|["{{SharedStorageModifierMethodOptions/withLock}}"]. + 1. Set [=this=]'s [=SharedStorageModifierMethod/with lock=] to |options|["{{SharedStorageModifierMethodOptions/withLock}}"].
The {{SharedStorage}} Interface {#shared-storage-interface}