Trust Tokens: Give locally fulfilled issuance a distinct exception

A Trust Tokens issuance request is a request created by fetch(..., {trustToken: {type: 'token-request'}}) With the new "platform-provided trust tokens" expansion of the Trust Tokens feature, the request's destination origin can provide configuration indicating that the browser should divert the origin's Trust Tokens issuance requests to system-local providers, on platforms that support this behavior (currently Android). [1] In this case, there's no need to send an HTTP request directly to the destination URL provided in the fetch() call, so we return early via URLLoader::OnComplete(URLLoaderCompletionStatus). We provide a non-net::OK error code to this URLLoader::OnComplete call since we won't receive an HTTP response from the request's destination. Since this case is semantically a success, we want the caller to be able to distinguish it from errors encountered during the Trust Tokens operation. This CL updates trust_token_to_mojom.cc to throw a NoModificationAllowedError, instead of OperationError, when operations are successfully diverted locally. It might make more sense from an API design perspective to resolve the promise, instead of rejecting it, in this case. This would require some refactoring in the loader (or the willingness to resolve a promise from FetchManager::Loader::DidFail!). For now, returning a distinct exception at least allows callers to distinguish this success case from the feature's failure cases. I've updated the user guide to mention this behavior. [2] [1]: https://bit.ly/platform-provided-trust-tokens [2]: https://bit.ly/trust-token-prototype-user-guide R=yhirano CC=zhengwe@google.com Test: The child CL adds browser tests covering this path Bug: 1154847 Change-Id: Ie56ddd0aaf544289184f7d0b47f525fcb654877b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2585792 Commit-Queue: David Van Cleve <davidvc@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#838238}

Trust Tokens: Give locally fulfilled issuance a distinct exception
A Trust Tokens issuance request is a request created by fetch(..., {trustToken: {type: 'token-request'}}) With the new "platform-provided trust tokens" expansion of the Trust Tokens feature, the request's destination origin can provide configuration indicating that the browser should divert the origin's Trust Tokens issuance requests to system-local providers, on platforms that support this behavior (currently Android). [1] In this case, there's no need to send an HTTP request directly to the destination URL provided in the fetch() call, so we return early via URLLoader::OnComplete(URLLoaderCompletionStatus). We provide a non-net::OK error code to this URLLoader::OnComplete call since we won't receive an HTTP response from the request's destination. Since this case is semantically a success, we want the caller to be able to distinguish it from errors encountered during the Trust Tokens operation. This CL updates trust_token_to_mojom.cc to throw a NoModificationAllowedError, instead of OperationError, when operations are successfully diverted locally. It might make more sense from an API design perspective to resolve the promise, instead of rejecting it, in this case. This would require some refactoring in the loader (or the willingness to resolve a promise from FetchManager::Loader::DidFail!). For now, returning a distinct exception at least allows callers to distinguish this success case from the feature's failure cases. I've updated the user guide to mention this behavior. [2] [1]: https://bit.ly/platform-provided-trust-tokens [2]: https://bit.ly/trust-token-prototype-user-guide R=yhirano CC=zhengwe@google.com Test: The child CL adds browser tests covering this path Bug: 1154847 Change-Id: Ie56ddd0aaf544289184f7d0b47f525fcb654877b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2585792 Commit-Queue: David Van Cleve <davidvc@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#838238}
77ab1e36 · David Van Cleve · Chromium LUCI CQ · a19824ba · 77ab1e36
Commit 77ab1e36 authored Dec 17, 2020 by David Van Cleve Committed by Chromium LUCI CQ Dec 17, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 0 deletions

third_party/blink/renderer/core/fetch/trust_token_to_mojom.cc ...d_party/blink/renderer/core/fetch/trust_token_to_mojom.cc +7 -0

No files found.
--- a/third_party/blink/renderer/core/fetch/trust_token_to_mojom.cc
+++ b/third_party/blink/renderer/core/fetch/trust_token_to_mojom.cc
@@ -112,6 +112,13 @@ DOMException* TrustTokenErrorToDOMException(
          "cache hit",
          DOMException::GetErrorName(
              DOMExceptionCode::kNoModificationAllowedError));
+    case network::mojom::blink::TrustTokenOperationStatus::
+        kOperationSuccessfullyFulfilledLocally:
+      return DOMException::Create(
+          "Trust Tokens operation satisfied locally, without needing to send "
+          "the request to its initial destination",
+          DOMException::GetErrorName(
+              DOMExceptionCode::kNoModificationAllowedError));
    case network::mojom::blink::TrustTokenOperationStatus::kFailedPrecondition:
      return DOMException::Create(
          "Precondition failed during Trust Tokens operation",