Topics API
- +More details about this document
Table of Contents
-
-
- 14.1 send browsing topics header boolean associated with Request -
- 14.2 browsingtopics content attribute for HTMLIframeElement -
- 14.3 browsingTopics attribute in RequestInit -
- 14.4 Modification to request constructor steps -
- 14.5 Modification to "create navigation params by fetching" steps -
- 14.6 The `
Sec-Browsing-Topics` HTTP request header - - 14.7 Modification to HTTP-network-or-cache fetch algorithm -
- 14.8 Append or modify a request
Sec-Browsing-Topicsheader - - 14.9 The `
Observe-Browsing-Topics` HTTP response header - - 14.10 Modification to HTTP fetch steps +
- 15.1 send browsing topics header boolean associated with Request +
- 15.2 browsingtopics content attribute for HTMLIframeElement +
- 15.3 browsingTopics attribute in RequestInit +
- 15.4 Modification to request constructor steps +
- 15.5 Modification to "create navigation params by fetching" steps +
- 15.6 The `
Sec-Browsing-Topics` HTTP request header + - 15.7 Modification to HTTP-network-or-cache fetch algorithm +
- 15.8 Append or modify a request
Sec-Browsing-Topicsheader + - 15.9 The `
Observe-Browsing-Topics` HTTP response header + - 15.10 Modification to HTTP fetch steps
-
@@ -939,7 +940,50 @@
-
+
Let topicsCount be an empty map.
+ -
+
For each topics history entry historyEntry in historyEntriesForUserTopics:
+-
+
-
+
Let topicIds be the result of classifying historyEntry’s topics calculation input data.
+ -
+
For each topicId in topicIds:
+-
+
-
+
If topicsCount[topicId] does not exist:
+-
+
-
+
Initialize topicsCount[topicId] to 0.
+
-
+
-
+
Increment topicsCount[topicId] by 1.
+
-
+
-
+
-
+
Let top5Topics be a list containing the top up to 5 topicIds in topicsCount’s keys, where the topicIds with more count are retrieved first.
+ -
+
If top5Topics has less than 5 entries:
+-
+
-
+
Pad top5Topics with random topic ids from user agent’s taxonomy, until top5Topics has 5 entries.
+
-
+
-
+
Return top5Topics.
+ -
-
If either user agent’s model or taxonomy isn’t available:
+If either user agent’s model or taxonomy isn’t available:
-
Let epoch be an epoch struct with default initial field values.
@@ -998,7 +1042,7 @@duration of 21 days).
-
-
For each topics history entry topicsHistoryEntry in user agent’s topics history storage:
+For each topics history entry topicsHistoryEntry in user agent’s topics history storage:
-
Let visitTime be topicsHistoryEntry’s time.
-
If visitTime is before topicsCallerDataStartTime, then continue.
-
-
Classify topicsHistoryEntry’s topics calculation input data into topicIds.
+Let topicIds be the result of classifying topicsHistoryEntry’s topics calculation input data.
+ -
+
If visitTime is greater than userTopicsDataStartTime:
+-
+
-
+
Append topicsHistoryEntry to historyEntriesForUserTopics.
+
-
+
-
For each topicId in topicIds:
-
@@ -1021,38 +1071,20 @@
list. -
-
-
If topicsCount[topicId] does not exist:
--
-
-
-
Initialize topicsCount[topicId] to 0.
+Initialize topicsCallers[topicId] to be an empty list.
-
-
-
For each callerOrigin in topicsHistoryEntry’s topics caller origins:
-
-
Append callerOrigin to topicsCallers[topicId].
-
-
-
-
-
If visitTime is greater than userTopicsDataStartTime:
--
-
-
-
Increment topicsCount[topicId] by 1.
+Append callerOrigin to topicsCallers[topicId].
-
-
-
-
-
-
Let top5Topics be a list containing the top up to 5 topicIds in topicsCount’s keys set, where the topicIds with more count are retrieved first.
- -
-
If top5Topics has less than 5 entries:
--
-
-
-
Pad top5Topics with random topic ids from user agent’s taxonomy, until top5Topics has 5 entries.
-
Let top5Topics be the result of running derive top 5 topics algorithm, given historyEntriesForUserTopics.
-
-
-
-
Let top5TopicsWithCallerOrigins be an empty list.
+Let top5TopicsWithCallerOrigins be an empty list.
-
For each topTopicId in top5Topics:
-
@@ -1079,7 +1111,7 @@
Append topicWithCallerOrigins to top5TopicsWithCallerOrigins. +
Append topicWithCallerOrigins to top5TopicsWithCallerOrigins.
-
Let epoch be an epoch struct with default initial field values.
@@ -1096,21 +1128,21 @@time to fromUnixEpochTime.
-
-
Append epoch to user agent’s user topics state's epochs.
+Append epoch to user agent’s user topics state's epochs.
-
If user agent’s user topics state's epochs has more than 4 entries, remove the oldest epoch.
-
Schedule this calculate user topics algorithm to run at Unix epoch + fromUnixEpochTime + (a duration of 7 days).
-
Let epochs be user agent’s user topics state's epochs.
-
-
If epochs is empty, then return an empty list.
+If epochs is empty, then return an empty list.
-
Let numEpochs be epochs’s size.
-
@@ -1126,7 +1158,7 @@
Let timestamp be callerContext’s timestamp.
- -
Let result be an empty list.
+Let result be an empty list.
Let startEpochIndex be -1.
- @@ -1143,7 +1175,7 @@
Else:
-
-
Set startEpochIndex to max(numEpochs − 1, 0).
+Set startEpochIndex to max(numEpochs − 3, 0).
-
Set endEpochIndex to numEpochs − 1.
If endEpochIndex ≥ 0:
- -
-
Let epochs be the result of running the calculate the epochs for caller algorithm given callerContext as input.
-
-
Let result be an empty list.
+Let result be an empty list.
-
For each epoch in epochs:
-
@@ -1265,7 +1297,7 @@
This roughly selects one random topic from each of the previous epochs (to limit cross-site reidentification capabilities), and only returns those that were observed by the caller (so that this provides roughly only a subset of the capabilities of third-party cookies). For each epoch, there is a 5% chance to return a random topic from the full taxonomy, rather than returning the real top topic, so as to provide some amount of plausible deniability. This random topic will only be returned if the caller would have received the real top topic (i.e. observed by the caller). This makes it non-trivial to detect which topics are the random topics (see github issue). All the randomnesses involved in this process are sticky to the user agent, epoch, and site. The HMAC helps to compute the random sticky values on the fly, without needing to store extra data for each epoch and site.
-
If init["
browsingTopics"] exists, then set request’s send browsing topics header boolean to it. -
If navigable’s container is an
iframeelement, and if it has abrowsingtopicscontent attribute, then set request’s send browsing topics header boolean to true. -
Append or modify a request `
Sec-Browsing-Topics` header for httpRequest. -
Let versionMaxLength be the length of the current maximum version string length.
-
@@ -1536,12 +1568,12 @@
Three returned topics, and underlying epochs have three different versions:
(100);v=chrome.1:1:20, (200);v=chrome.1:1:40, (300);v=chrome.1:1:60, ();p=P
9. Periodically calculate user topics
+9. Derive top 5 topics
+Given a list of topics history entries historyEntriesForUserTopics, the browser should provide an algorithm to derive top 5 topics, that are believed to be valuable for the Topics callers. The algorithm should return a list of 5 topic ids.
+Given a list of topics history entries historyEntriesForUserTopics:
+-
+
10. Periodically calculate user topics
At the start of a browser session, run the schedule user topics calculation algorithm.
duration from the Unix epoch to moment.
10. Epochs for caller
+11. Epochs for caller
11. Get the number of distinct versions in epochs
+12. Get the number of distinct versions in epochs
-
@@ -1186,14 +1218,14 @@
size.
12. Topics for caller
+13. Topics for caller
BrowsingTopics.
13. The JavaScript API
+14. The JavaScript API
The Topics API lives under the Document interface, and is only available if the document is in secure context.
dictionary {BrowsingTopicsOptions boolean =skipObservation false ; @@ -1342,49 +1374,49 @@
14. fetch() and iframe integration
+15. fetch() and iframe integration
Topics can be sent in the HTTP header forfetch() requests and for iframe navigation requests. The response header for a topics related request can specify whether the caller should to be recorded.
- 14.1. send browsing topics header boolean associated with Request
+15.1. send browsing topics header boolean associated with Request
A request has an associated send browsing topics header boolean. Unless stated otherwise it is false.TODO: make the modification directly to the fetch spec.
-14.2. browsingtopics content attribute for HTMLIframeElement
+15.2. browsingtopics content attribute for HTMLIframeElement
The iframe element contains abrowsingtopics content attribute. The IDL attribute browsingTopics reflects the browsingtopics content attribute.
partial interface HTMLIFrameElement { [CEReactions ]attribute boolean browsingTopics ; };
TODO: make the modification directly to the html spec.
-14.3. browsingTopics attribute in RequestInit
+15.3. browsingTopics attribute in RequestInit
The RequestInit dictionary contains a browsingTopics attribute:partial dictionary RequestInit {boolean ; };browsingTopics
TODO: make the modification directly to the fetch spec.
-14.4. Modification to request constructor steps
+15.4. Modification to request constructor steps
The following step will be added to the new Request(input, init) constructor steps, before step "Set this’s request to request":TODO: make the modification directly to the fetch spec.
-14.5. Modification to "create navigation params by fetching" steps
+15.5. Modification to "create navigation params by fetching" steps
The following step will be added to the create navigation params by fetching steps, after step "Let request be a new request, with ...":TODO: make the modification directly to the html spec.
-14.6. The `Sec-Browsing-Topics` HTTP request header
+ 15.6. The `Sec-Browsing-Topics` HTTP request header
This specification defines a `Sec-Browsing-Topics` HTTP request header. It is used to send the topics.
14.7. Modification to HTTP-network-or-cache fetch algorithm
+15.7. Modification to HTTP-network-or-cache fetch algorithm
The following step will be added to the HTTP-network-or-cache fetch algorithm, before step "Modify httpRequest’s header list per HTTP. ...":TODO: make the modification directly to the fetch spec.
-14.8. Append or modify a request Sec-Browsing-Topics header
+ 15.8. Append or modify a request Sec-Browsing-Topics header
Sec-Browsing-Topics` header, given a request request, run these steps:
-
@@ -1467,7 +1499,7 @@
topic id (e.g. for Chrome’s initial taxonomy, topicMaxLength is 3, as the topic id has maximum 3 digits). +
Let topicMaxLength be number of base-10 digits in the maximum topic id (e.g. for Chrome’s initial taxonomy, topicMaxLength is 3, as the topic id has maximum 3 digits).
Why adding paddings: servers typically have a GET request size limit e.g. 8KB, and will return an error when the limit is reached. An attacker can rely this to learn the number of topics for a different origin, and/or a small amount of information about the topics themselves (e.g whether the topic ids are < 10, < 100, etc.)
+Why adding paddings: servers typically have a GET request size limit e.g. 8KB, and will return an error when the limit is reached. An attacker can rely this to learn the number of topics for a different origin, and/or a small amount of information about the topics themselves (e.g whether the topic ids are < 10, < 100, etc.)
The various lengths being returned (that depends on the number of distinct versions) could leak which epochs the user had disabled topics or didn’t use the browser, if it coincided with the version change. But this leak is minor. The most common cases (i.e. returning same version topics, or no topics) will have the same length.