Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Precise the frequency at which re-validation of app/URL associations should occur #15

Open
camillelamy opened this issue Sep 8, 2020 · 1 comment
Open

Precise the frequency at which re-validation of app/URL associations should occur #15

camillelamy opened this issue Sep 8, 2020 · 1 comment

Comments

@camillelamy
Copy link

Hi,

As part of the Chrome Web Platform Security & Privacy review process, we have reviewed your intent to prototype. We have several questions, in particular around re-validation of PWA-url associations.

Could you precise at which frequency the re-validation should happen? Should this re-validation happen in the background or when the user navigates to an URL with an existing association that has not been re-validated in a while?
@LuHuangMSFT
Copy link
Collaborator

LuHuangMSFT commented Sep 17, 2020
edited
Loading

Hello. Thank you for the review.

Short answer: there is no minimum frequency for the re-validation. The maximum frequency is 1/day. Revalidation will happen when the user navigates to an URL with an existing association that has not been re-validated in a while. "In a while" is 1 day as revalidation will piggy-back onto the manifest update mechanism.

Currently our design states that:

The association between a PWA and an origin must be revalidated:

  • when a PWA is installed
  • when a PWA is updated (manifest update)
  • periodically to pick up changes in the web-app-origin-association file
    (design doc link)

So the primary mechanism for revalidation after app install is manifest update.

  • The maximum interval between revalidation for any given app is not deterministic as manifest update is trigged by top level navigations within an app's scope.
    • If the user does not navigate to within the app's scope, manifest update does not occur and so the association revalidation will not occur
    • If the association is no long valid and a link activation causes an app to be launched - this can occur only once as it is a navigation that will trigger manifest update.
      • This can happen multiple times if the association becomes invalid in the same day that it was last re-validated.
  • periodically to pick up changes in the web-app-origin-association file

We are removing this mechanism from the design. Downloading files in the background on a timer without explicit action from the user seems problematic (eg. a bug in poll frequency.)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@camillelamy @LuHuangMSFT