Float integrity bugfix #27224
Merged
Float integrity bugfix #27224
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
facebook-github-bot
added
CLA Signed
React Core Team
sebmarkbage
approved these changes
Aug 14, 2023
gnoff
added a commit
that referenced
this pull request
Aug 17, 2023
…dule` (#27220) Stacked on #27224 ### Implements `ReactDOM.preloadModule()` `preloadModule` is a function to preload modules of various types. Similar to `preload` this is useful when you expect to use a Resource soon but can't render that resource directly. At the moment the only sensible module to preload is script modules along with some other `as` variants such as `as="serviceworker"`. In the future when there is some notion of how to preload style module script or json module scripts this API will be extended to support those as well. ##### Arguments 1. `href: string` -> the href or src value you want to preload. 2. `options?: {...}` -> 2.1. `options.as?: string` -> the `as` property the modulepreload link should render with. If not provided it will be omitted which will cause the modulepreload to be treated like a script module 2.2. `options.crossOrigin?: string` -> modules always load with CORS but you can provide `use-credentials` if you want to change the default behavior 2.3. `options.integrity?: string` -> an integrity hash for subresource integrity APIs ##### Rendering each preloaded module will emit a `<link rel="modulepreload" href="..." />` if `as` is specified and is something other than `"script"` the as attribute will also be included if crossOrigin or integrity as specified their attributes will also be included During SSR these script tags will be emitted before content. If we have not yet flushed the document head they will be emitted there after things that block paint such as font preloads, img preloads, and stylesheets. On the client these link tags will be appended to the document.head. ### Implements `ReactDOM.preinitModule()` `preinitModule` is a function to loading module scripts before they are required. It has the same use cases as `preinit`. During SSR you would use this to tell the browsers to start fetching code that will be used without having to wait for bootstrapping to initiate module fetches. ON the client you would use this to start fetching a module script early for an anticipated navigation or other event that is likely to depend on this module script. the `as` property for Float methods drew inspiration from the `as` attribute of the `<link rel="preload" ... >` tag but it is used as a sort of tag for the kind of thing being targetted by Float methods. For `preinitModule` we currently only support `as: "script"` and this is also the assumed default type so you current never need to specify this `as` value. In the future `preinitModule` will support additional module script types such as `style` or `json`. The support of these types will correspond to [Module Import Attributes](https://github.com/tc39/proposal-import-attributes). ##### Arguments 1. `href: string` -> the href or src value you want to preinitialize 2. `options?: {...}` -> 2.1 `options.as?: string` -> only supports `script` and this is the default behavior. Until we support import attributes such as `json` and `style` there will not be much reason to provide an `as` option. 2.2. `options.crossOrigin?: string`: modules always load with CORS but you can provide `use-credentials` if you want to change the default behavior 2.3 `options.integrity?: string` -> an integrity hash for subresource integrity APIs ##### Rendering each preinitialized `script` module will emit a `<script type="module" async="" src"...">` During SSR these will appear behind display blocking resources such as font preloads, img preloads, and stylesheets. In the browser these will be appende to the head. Note that for other `as` types the rendered output will be slightly different. `<script type="module">import "..." with {type: "json" }</script>`. Since this tag is an inline script variants of React that do not use inline scripts will simply omit these preinitialization tags from the SSR output. This is not implemented in this PR but will appear in a future update.
github-actions bot
pushed a commit
that referenced
this pull request
Aug 17, 2023
…dule` (#27220) Stacked on #27224 ### Implements `ReactDOM.preloadModule()` `preloadModule` is a function to preload modules of various types. Similar to `preload` this is useful when you expect to use a Resource soon but can't render that resource directly. At the moment the only sensible module to preload is script modules along with some other `as` variants such as `as="serviceworker"`. In the future when there is some notion of how to preload style module script or json module scripts this API will be extended to support those as well. ##### Arguments 1. `href: string` -> the href or src value you want to preload. 2. `options?: {...}` -> 2.1. `options.as?: string` -> the `as` property the modulepreload link should render with. If not provided it will be omitted which will cause the modulepreload to be treated like a script module 2.2. `options.crossOrigin?: string` -> modules always load with CORS but you can provide `use-credentials` if you want to change the default behavior 2.3. `options.integrity?: string` -> an integrity hash for subresource integrity APIs ##### Rendering each preloaded module will emit a `<link rel="modulepreload" href="..." />` if `as` is specified and is something other than `"script"` the as attribute will also be included if crossOrigin or integrity as specified their attributes will also be included During SSR these script tags will be emitted before content. If we have not yet flushed the document head they will be emitted there after things that block paint such as font preloads, img preloads, and stylesheets. On the client these link tags will be appended to the document.head. ### Implements `ReactDOM.preinitModule()` `preinitModule` is a function to loading module scripts before they are required. It has the same use cases as `preinit`. During SSR you would use this to tell the browsers to start fetching code that will be used without having to wait for bootstrapping to initiate module fetches. ON the client you would use this to start fetching a module script early for an anticipated navigation or other event that is likely to depend on this module script. the `as` property for Float methods drew inspiration from the `as` attribute of the `<link rel="preload" ... >` tag but it is used as a sort of tag for the kind of thing being targetted by Float methods. For `preinitModule` we currently only support `as: "script"` and this is also the assumed default type so you current never need to specify this `as` value. In the future `preinitModule` will support additional module script types such as `style` or `json`. The support of these types will correspond to [Module Import Attributes](https://github.com/tc39/proposal-import-attributes). ##### Arguments 1. `href: string` -> the href or src value you want to preinitialize 2. `options?: {...}` -> 2.1 `options.as?: string` -> only supports `script` and this is the default behavior. Until we support import attributes such as `json` and `style` there will not be much reason to provide an `as` option. 2.2. `options.crossOrigin?: string`: modules always load with CORS but you can provide `use-credentials` if you want to change the default behavior 2.3 `options.integrity?: string` -> an integrity hash for subresource integrity APIs ##### Rendering each preinitialized `script` module will emit a `<script type="module" async="" src"...">` During SSR these will appear behind display blocking resources such as font preloads, img preloads, and stylesheets. In the browser these will be appende to the head. Note that for other `as` types the rendered output will be slightly different. `<script type="module">import "..." with {type: "json" }</script>`. Since this tag is an inline script variants of React that do not use inline scripts will simply omit these preinitialization tags from the SSR output. This is not implemented in this PR but will appear in a future update. DiffTrain build for [e505316](e505316)
kodiakhq bot
pushed a commit
to vercel/next.js
that referenced
this pull request
Aug 22, 2023
### React upstream changes - facebook/react#27265 - facebook/react#27259 - facebook/react#27264 - facebook/react#27257 - facebook/react#27258 - facebook/react#27187 - facebook/react#27243 - facebook/react#27205 - facebook/react#27220 - facebook/react#27238 - facebook/react#27234 - facebook/react#27224 - facebook/react#27223 - facebook/react#27222 This will help unblock #53906
EdisonVan
pushed a commit
to EdisonVan/react
that referenced
this pull request
Apr 15, 2024
Stacked on facebook#27223 When a script resource adopts certain props from a preload for that resource the integrity prop was incorrectly getting assinged to the referrerPolicy prop instead. This is now fixed.
EdisonVan
pushed a commit
to EdisonVan/react
that referenced
this pull request
Apr 15, 2024
…dule` (facebook#27220) Stacked on facebook#27224 ### Implements `ReactDOM.preloadModule()` `preloadModule` is a function to preload modules of various types. Similar to `preload` this is useful when you expect to use a Resource soon but can't render that resource directly. At the moment the only sensible module to preload is script modules along with some other `as` variants such as `as="serviceworker"`. In the future when there is some notion of how to preload style module script or json module scripts this API will be extended to support those as well. ##### Arguments 1. `href: string` -> the href or src value you want to preload. 2. `options?: {...}` -> 2.1. `options.as?: string` -> the `as` property the modulepreload link should render with. If not provided it will be omitted which will cause the modulepreload to be treated like a script module 2.2. `options.crossOrigin?: string` -> modules always load with CORS but you can provide `use-credentials` if you want to change the default behavior 2.3. `options.integrity?: string` -> an integrity hash for subresource integrity APIs ##### Rendering each preloaded module will emit a `<link rel="modulepreload" href="..." />` if `as` is specified and is something other than `"script"` the as attribute will also be included if crossOrigin or integrity as specified their attributes will also be included During SSR these script tags will be emitted before content. If we have not yet flushed the document head they will be emitted there after things that block paint such as font preloads, img preloads, and stylesheets. On the client these link tags will be appended to the document.head. ### Implements `ReactDOM.preinitModule()` `preinitModule` is a function to loading module scripts before they are required. It has the same use cases as `preinit`. During SSR you would use this to tell the browsers to start fetching code that will be used without having to wait for bootstrapping to initiate module fetches. ON the client you would use this to start fetching a module script early for an anticipated navigation or other event that is likely to depend on this module script. the `as` property for Float methods drew inspiration from the `as` attribute of the `<link rel="preload" ... >` tag but it is used as a sort of tag for the kind of thing being targetted by Float methods. For `preinitModule` we currently only support `as: "script"` and this is also the assumed default type so you current never need to specify this `as` value. In the future `preinitModule` will support additional module script types such as `style` or `json`. The support of these types will correspond to [Module Import Attributes](https://github.com/tc39/proposal-import-attributes). ##### Arguments 1. `href: string` -> the href or src value you want to preinitialize 2. `options?: {...}` -> 2.1 `options.as?: string` -> only supports `script` and this is the default behavior. Until we support import attributes such as `json` and `style` there will not be much reason to provide an `as` option. 2.2. `options.crossOrigin?: string`: modules always load with CORS but you can provide `use-credentials` if you want to change the default behavior 2.3 `options.integrity?: string` -> an integrity hash for subresource integrity APIs ##### Rendering each preinitialized `script` module will emit a `<script type="module" async="" src"...">` During SSR these will appear behind display blocking resources such as font preloads, img preloads, and stylesheets. In the browser these will be appende to the head. Note that for other `as` types the rendered output will be slightly different. `<script type="module">import "..." with {type: "json" }</script>`. Since this tag is an inline script variants of React that do not use inline scripts will simply omit these preinitialization tags from the SSR output. This is not implemented in this PR but will appear in a future update.
bigfootjon
pushed a commit
that referenced
this pull request
Apr 18, 2024
bigfootjon
pushed a commit
that referenced
this pull request
Apr 18, 2024
…dule` (#27220) Stacked on #27224 ### Implements `ReactDOM.preloadModule()` `preloadModule` is a function to preload modules of various types. Similar to `preload` this is useful when you expect to use a Resource soon but can't render that resource directly. At the moment the only sensible module to preload is script modules along with some other `as` variants such as `as="serviceworker"`. In the future when there is some notion of how to preload style module script or json module scripts this API will be extended to support those as well. ##### Arguments 1. `href: string` -> the href or src value you want to preload. 2. `options?: {...}` -> 2.1. `options.as?: string` -> the `as` property the modulepreload link should render with. If not provided it will be omitted which will cause the modulepreload to be treated like a script module 2.2. `options.crossOrigin?: string` -> modules always load with CORS but you can provide `use-credentials` if you want to change the default behavior 2.3. `options.integrity?: string` -> an integrity hash for subresource integrity APIs ##### Rendering each preloaded module will emit a `<link rel="modulepreload" href="..." />` if `as` is specified and is something other than `"script"` the as attribute will also be included if crossOrigin or integrity as specified their attributes will also be included During SSR these script tags will be emitted before content. If we have not yet flushed the document head they will be emitted there after things that block paint such as font preloads, img preloads, and stylesheets. On the client these link tags will be appended to the document.head. ### Implements `ReactDOM.preinitModule()` `preinitModule` is a function to loading module scripts before they are required. It has the same use cases as `preinit`. During SSR you would use this to tell the browsers to start fetching code that will be used without having to wait for bootstrapping to initiate module fetches. ON the client you would use this to start fetching a module script early for an anticipated navigation or other event that is likely to depend on this module script. the `as` property for Float methods drew inspiration from the `as` attribute of the `<link rel="preload" ... >` tag but it is used as a sort of tag for the kind of thing being targetted by Float methods. For `preinitModule` we currently only support `as: "script"` and this is also the assumed default type so you current never need to specify this `as` value. In the future `preinitModule` will support additional module script types such as `style` or `json`. The support of these types will correspond to [Module Import Attributes](https://github.com/tc39/proposal-import-attributes). ##### Arguments 1. `href: string` -> the href or src value you want to preinitialize 2. `options?: {...}` -> 2.1 `options.as?: string` -> only supports `script` and this is the default behavior. Until we support import attributes such as `json` and `style` there will not be much reason to provide an `as` option. 2.2. `options.crossOrigin?: string`: modules always load with CORS but you can provide `use-credentials` if you want to change the default behavior 2.3 `options.integrity?: string` -> an integrity hash for subresource integrity APIs ##### Rendering each preinitialized `script` module will emit a `<script type="module" async="" src"...">` During SSR these will appear behind display blocking resources such as font preloads, img preloads, and stylesheets. In the browser these will be appende to the head. Note that for other `as` types the rendered output will be slightly different. `<script type="module">import "..." with {type: "json" }</script>`. Since this tag is an inline script variants of React that do not use inline scripts will simply omit these preinitialization tags from the SSR output. This is not implemented in this PR but will appear in a future update. DiffTrain build for commit e505316.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Stacked on #27223
When a script resource adopts certain props from a preload for that resource the integrity prop was incorrectly getting assinged to the referrerPolicy prop instead. This is now fixed.