From d6b222bd30c9ac361e3e8b92462af1fd9d52e08d Mon Sep 17 00:00:00 2001 From: Yifan Luo Date: Thu, 25 Apr 2024 17:12:13 +0200 Subject: [PATCH] styles and worker&navigation flags --- HOWTO.md | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/HOWTO.md b/HOWTO.md index 739abab..4766c05 100644 --- a/HOWTO.md +++ b/HOWTO.md @@ -24,42 +24,44 @@ It can be controlled in a variety of ways: PNA preflight requests are available in Chrome starting in version 98 under warning-mode. It can be switched between enforcing-mode and warning-mode in following ways: -* the command-line flags: `--enable-features=PrivateNetworkAccessRespectPreflightResults` +* the command-line flag: `--enable-features=PrivateNetworkAccessRespectPreflightResults` * the `chrome://` flag: `chrome://flags/#private-network-access-respect-preflight-results` -Chrome is sending preflight requests ahead of private network requests, but does -not require the response to be successful. The flag above enables enforcement: +Chrome is sending preflight requests ahead of private network requests, but does +not require the response to be successful. The flag above enables enforcement: if the preflight request fails, then the request is not sent. ### Navigations and Workers -PNA preflight requests are also available for navigations and workers under the +PNA preflight requests are also available for navigations and workers under the following command-line flags: + * `--enable-features=PrivateNetworkAccessForNavigations` * `--enable-features=PrivateNetworkAccessForWorkers` * `--enable-features=PrivateNetworkAccessForNavigationsWarningOnly` * `--enable-features=PrivateNetworkAccessForWorkersWarningOnly` -The first two flags enable the features under warning-mode. The second two flags -works only when the first two are enabled and enables the enforcement of the -features. +The first two flags enable the features under enforcement mode. The second two +flags works only when the first two are enabled and switch them into +warning-only mode for the features. The second two flags can also be set by the `chrome://` flag: + * `chrome://flags/#private-network-access-ignore-navigation-errors` * `chrome://flags/#private-network-access-ignore-worker-errors` ### Reducing timeout -In the ideal world, private servers will reply to the preflight requrests no -matter with or without the correct headers. However, there are several real life -cases that some servers would just drop the requests they do not understand and +In the ideal world, private servers will reply to the preflight requrests no +matter with or without the correct headers. However, there are several real life +cases that some servers would just drop the requests they do not understand and Chrome will wait forever until a TCP timeout. -In this case, Chrome provides an extra timeout limit, which is 200ms, to limit +In this case, Chrome provides an extra timeout limit, which is 200ms, to limit the influence for websites and server haven't yet migrate with Private Network Access Preflights and do not reply to preflight requests. -This extra timeout limit can be turned off by using the `chrome://` flag +This extra timeout limit can be turned off by using the `chrome://` flag `chrome://flags/#private-network-access-preflight-short-timeout`. ## Permission Prompt @@ -67,6 +69,7 @@ This extra timeout limit can be turned off by using the `chrome://` flag PNA permission prompt is available in Chrome desktop starting in version 120. It can be controlled in a variety of ways: + * the command-line flag: `--enable-features=PrivateNetworkAccessPermissionPrompt` * the `chrome://` flag: `chrome://flags/#private-network-access-permission-prompt` @@ -81,8 +84,8 @@ See [here](https://www.chromium.org/developers/how-tos/run-chromium-with-flags) for instructions on setting command-line flags. You can then test your own web app, or use a test page like -https://private-network-access-test.glitch.me/ or -https://private-network-access-permission-test.glitch.me/ for the permission +https://private-network-access-test.glitch.me/ or +https://private-network-access-permission-test.glitch.me/ for the permission prompt. Errors should manifest as CORS errors in the DevTools console, and as "Blocked