CHIPS OT - Avoiding the requirement to have OT headers in every response #33
Replies: 1 comment
-
Hey @nikhiljosya, below is an early proposal for a new CHIPS OT design that we would support with the current design concurrently. The design is a WIP and I haven't scoped all the changes I'd need to make in Chromium, but, in theory, it should be possible. Which responses does the CHIPS OT really care about?Really, CHIPS only cares about responses that have some signal that the server intends to modify the client's cookie jar. The clearest signal of this is the New OT designIdeally, we would want to support both the existing OT design using client hints and this new OT design simultaneously so we do not pull the rug out from partners already in the trial. Given that constraint, I propose we support two designs simultaneously: The first is the existing OT design, so I won't go into detail about it in this doc. The design is covered in detail at the CHIPS documentation page on chromium.org. The second design does away with the In the second design, Chrome would only have a signal that the site is in the OT once they have saved partitioned cookies. If the client has partitioned cookies saved, it will send the If the site does not have any partitioned cookies in their cookie jar, Chrome will assume they are not in the OT, and it will not send the client hint. Proposed algorithms for requests/responsesChrome will handle requests using the following algorithm (unchanged from the existing design):
Chrome will handle responses using the following algorithm:
Let us know if this design works better for you, and open to any suggestions/feedback from you or anyone else interested in this thread. |
Beta Was this translation helpful? Give feedback.
-
Background
My team and I have been working on using the CHIPS OT to run experiments for several features in our and our client teams that currently rely on 3P cookies. Working in a large org, we have a lot of subdomains, and most of the subdomains are served by various front-end servers. Also, the CHIPS OT uses (a) the
Origin-Trial
&Accept-CH
headers in the response to register a domains interest in participating in the OT & (b) expects the domains to send theOrigin-Trial
&Accept-CH
headers in every subsequent response from the domain to track the intent of continued participation in the OT.Issue
Because of the above strict requirements w.r.t to the OT headers in every response from the registered domains, we are currently experience the following issues:
Ask
An alternative solution to the requirement of including the OT headers in every response. This would really simplify our implementation and make our experiments stable.
One possible solution could be to introduce an explicit opt-out logic for interested domains so that they do not need to send OT headers in every response but just send an opt-out header to signify the intent to opt-out.
Beta Was this translation helpful? Give feedback.
All reactions