Slashdot Mirror
HTTP 103 - An HTTP Status Code for Indicating Hints (ietf.org)
The Internet Task Engineering Group (IETF) has approved the new HTTP status code 103. The new status code is intended to "minimize perceived latency." From the circular: It is common for HTTP responses to contain links to external resources that need to be fetched prior to their use; for example, rendering HTML by a Web browser. Having such links available to the client as early as possible helps to minimize perceived latency. The "preload" ([Preload]) link relation can be used to convey such links in the Link header field of an HTTP response. However, it is not always possible for an origin server to generate the header block of a final response immediately after receiving a request. For example, the origin server might delegate a request to an upstream HTTP server running at a distant location, or the status code might depend on the result of a database query. The dilemma here is that even though it is preferable for an origin server to send some header fields as soon as it receives a request, it cannot do so until the status code and the full header fields of the final HTTP response are determined. [...] The 103 (Early Hints) informational status code indicates to the client that the server is likely to send a final response with the header fields included in the informational response. Typically, a server will include the header fields sent in a 103 (Early Hints) response in the final response as well. However, there might be cases when this is not desirable, such as when the server learns that they are not correct before the final response is sent. A client can speculatively evaluate the header fields included in a 103 (Early Hints) response while waiting for the final response. For example, a client might recognize a Link header field value containing the relation type "preload" and start fetching the target resource. However, these header fields only provide hints to the client; they do not replace the header fields on the final response. Aside from performance optimizations, such evaluation of the 103 (Early Hints) response's header fields MUST NOT affect how the final response is processed. A client MUST NOT interpret the 103 (Early Hints) response header fields as if they applied to the informational response itself (e.g., as metadata about the 103 (Early Hints) response).
Great guys! I can see a few ways to use this to fake out servers and do some nasty things!
We love it!
Yours:
The Russian Hacker's Association
Strip your bullshit JS code and deliver the content rather than the ads. Until you do, no header will improve performance or "user experience".
Let's face it, no user gives a shit just how quickly you serve your ads. He wants the content, and guess what you don't give half a shit about how fast he gets it.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
No thanks, I'm going to have most of it blocked anyway.
“Nice” (i.e. commercial) websites have become immensely complex in design. Not because their needs has grown immensely complex; they have grown complex, but not that much. Because they are poorly designed in their workings. Developers in the same company cannot be bothered to make reusable libraries, and when they can, they mess the API stability and require several versions of the same library within a single project. Requests are resolved using queries to caches to proxies to No wonder the output of even a single request cannot be decided before examining the whole universe and its neighbourhood.
It seems to me this feature is just another step in that direction: make things a little more complex for an immediate gain, and let the future take care of itself. Slowly.
Maybe there is some bigger engineering brains, but if we're battling perceived latency by blocking/waiting for a database query or something upstream, whether is a REST service or what-the-F-ever, aren't we still blocking/waiting but now handling an intermediate response? Anything backend is going to have to prioritize shipping out constant '103's to clients, then how many to do handle and block for until we get our payload and '200'? Does this extend timeouts even longer? This actually changes ALOT of how any of us know the handshaking of HTTP is today if it's across the board and not for specific requests in header. Outside of that drivel of a thought, I can see a ton of man-in-the-middle hijacking or DDOS going on here with any sort of intermediate 'hey-hold-on-a-second' step in this handshake.
I'm like the rest of the opinions here, this seems like a vote to work-around how bloaty, complex and javascript laden and ad-network-revenue driven this is proposal is.
Because they are poorly designed in their workings.
They have too much crap and ads and scripts. Why does there have to be a popup over everything my mouse hovers over?
And being stuck with an AT&T 1.5/.25Mbps shit connection, most websites load like shit. I start reading and the page renders, I start reading, it renders some more, I wait as it continuously jumps around ... and I leave.
And with more and more news sites having video pop-up - even though I turned off autoplay, the fucker still takes up a shit load of bandwidth and makes the site unreadable.
The web on tablets is useless. On my desktop is almost useless.
The web is dead Fred. I'm spending less and less time up here.
CNN, Huffington Post, and a couple of others are just useless.
A client can speculatively evaluate the header fields included in a 103 (Early Hints) response while waiting for the final response. For example, a client might recognize a Link header field value containing the relation type "preload" and start fetching the target resource. However, these header fields only provide hints to the client; they do not replace the header fields on the final response.
This part looks exactly like the "hints" are meant as an opportunity to avoid delivering content if the hints aren't properly "obeyed". If the "preload" directive doesn't happen and a third party doesn't relay that the undesirable content is at least transmitted, the first server can continue to wait until the demand is met.
Inheritance is the sincerest form of nepotism.
I think I've seen this rodeo before. What I see is that web developers work to make their site "fast enough". In Scrum terms, they don't apply premature optimizations. They use too many modules with too many dependencies and assume everyone has a fast internet.
My two predictions: this will just encourage web site bloat, and a bunch of people are going to discover that their cheap-and-barely-working HTTP parsers don't actually handle 100-series responses.They are also going to discover that many high-level APIs don't provide any access to this new paradigm.
Want a sig like mine? Join ACM's SigSig today!
With enhancements such as this one, are we just continuing to extend the life of the HTTP protocol, when we really should be taking it out behind the barn and putting it out of its misery?
... I have to retry again with another connection, and hope to get my 2xx response this time?
And if there is still "latency" I have to keep retrying again and again?
Good thing none of these extra connections will cause any latency by themselves.
if you need it just put it in the ordinary header ffs that way you don't break existing HTTP clients.
Client side includes allow you to do things that would normally require scripting on the server(server security risk & processing costs up) or JavaScript in the site (client security risk & client processing costs up) without either. Particularly loading common headers/footers/menus from a single source, one of the biggest use cases for server side scripting, but with file cashing for the common html chunk.
This has repeatedly been denied by the standards committee as you can also sort of do this with JavaScript, but, it makes your site not work with NoScript, requiring users to run arbitrary code to access flat content is rude, and also takes extra JavaScript knowledge which hurts non coders (and coders too, to be honest) who want to make web content without relying on complex third party tool-kits.
If you encounter a viewer who desires only "the static functionality of a Wikipedia article", do not force the viewer into more interaction than that. Build navigation through links to other documents on your site. Use the styling and transition functionality built into CSS to style your HTML. Build collapsible elements out of a hidden checkbox with a visible label.
That's only a minor inconvenience to ad blockers, as they can load the data then throw it away without passing it to the rendering layer.
It's a major inconvenience to people who use ad blockers for the express purpose of staying under the monthly Internet data transfer volume limit set by an ISP.
Full page reloads for any action from the user.
Outdated information for dynamic values (as in something that often changes, like a sports score, or stocks)
Would you care to cite any websites that do what you claim that aren't just a list of articles?
when the service goes away. Making content, like everything, costs money. Maybe if we ever get UBI we can talk. Until then you live with the ads or stop going to the page and complaining.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
I think the idea is that your website says goes here, you ask .org for and they can say Error 103: will be about 300x400 pixels. Your site then sets aside 300x400 pixels for and starts to display this to the user who perceives the site rendering and then being printed out inside of it a little bit later. This makes them feel better than either, wait for then render everything, show blank screen in the mean time, or display the site without , then resize everything to fit in when we get it.
So basically you can "tell" the client before sending the page that the page has a number of things in it's "head" and "script" tags and then the browser can pre-load them or multiplex the requests instead of waiting on the HTML to load, parse it and then load them.
The problem/security will be when you pre-load content from external sites just as regular JavaScript you load externally. It basically wastes a bit of bandwidth in the hope you have a high-bandwidth, high-latency link
Custom electronics and digital signage for your business: www.evcircuits.com
Let me predict what an anti-script curmudgeon might think of your objections.
Full page reloads for any action from the user.
"It'd still end up loading less data than a half-dozen JS frameworks and ad exchanges' real-time bidding scripts."
Outdated information for dynamic values (as in something that often changes, like a sports score, or stocks)
"When I want up-to-date information, I'll request it myself. My F5 key isn't broken, you know."
Would you care to cite any websites that do what you claim that aren't just a list of articles?
"I can, for example, get the weather on National Weather Service (weather.gov) without script. If I wanted something more interactive than an HTML form, I would download an application, compile it, and install it on my computer."
90% of newspaper content is non dynamic, and isn't helped by singing dancing sidebars of irritation. Video and music sites are only dynamic if you use the comments, and if the comments are active. The same also applies to image content, be it art or not. Wikis of all sorts don't need to live update without user interaction.
It is not that these things can't be useful but instead that they cost in security, bandwidth, and CPU time, worse they are often done in badly designed user expensive ways. Dynamic content or even just JavaScript shouldn't be used for their own sake or hammered down peoples throats. If your content is static then at least a simplified static version should be available without the (Anti-)"social" junk.
PS. The lack of ability to serve common HTML parts of the page separately (to avoid full page reloads without JavaScript dependence) is a choice that the HTML standards bodies have made, despite user demand, not an argument that JavaScript is good.
Can i get an option in chrome just to load text? I seem to exhaust my data very quickly. Is Google deaf and dumb, that they dont understand that majority of world population lives in 2nd & 3rd world countries.
Full page reloads for any action from the user.
"It'd still end up loading less data than a half-dozen JS frameworks and ad exchanges' real-time bidding scripts."
I'm sure that's the case on strawman.com
Outdated information for dynamic values (as in something that often changes, like a sports score, or stocks)
"When I want up-to-date information, I'll request it myself. My F5 key isn't broken, you know."
"Full page reloads for any action from the user."
Would you care to cite any websites that do what you claim that aren't just a list of articles?
"I can, for example, get the weather on National Weather Service (weather.gov) without script.
Thanks for the example. Weather.gov looks great on my phone (not). It's a perfect example of what curmudgeons would want. If web development just stopped around 2004.
Not that I'm moving goalposts, but I'm wondering if there is an example of something like an e-commerce site (therefor few/little ads) and is something more complicated than a Google question.
If I wanted something more interactive than an HTML form, I would download an application, compile it, and install it on my computer."
We're sorry, the following website is not compatible with your operating system.
I'm wondering if there is an example of something like an e-commerce site (therefor few/little ads) and is something more complicated than a Google question.
How well does, say, Phil's Hobby Shop work with script off?
Disclosure: Phil's Hobby Shop employs me.
HTTP 103
Hint: I'm sorry, Dave. I'm afraid I can't do that.
It looks like someone threw up on a time-travelling toaster.
Outdated information for dynamic values (as in something that often changes, like a sports score, or stocks)
"When I want up-to-date information, I'll request it myself. My F5 key isn't broken, you know."
But then you'll have used far more bandwidth and time and processing power reloading the whole page than would have been taken up by hours of a reloading counter.
What I -really- want is a browser feature where any only the tab that the mouse is hovering over will have running javascript. Everything, everything else gets "frozen." If the browser doesn't have current focus, then no scripts run at all. I'm sure that will break a little functionality, but a user like me would appreciate an advanced feature like that.
Thanks for the example. Weather.gov looks great on my phone (not). It's a perfect example of what curmudgeons would want. If web development just stopped around 2004.
Hmm. Maybe web sites looked better and operated a hell of a lot faster in 2004 than the overloaded sites we have today.
Looks pretty good, but all the links on the big promotion window are broken. I'll admit, I would hope that the DX8 and the VisionAire labels would actually just change tabs on that promotion window, but right all of them take you to a "discontinued item" page.
I'll admit that it looks "ok" on my phone. Not great, but most of the overarchitectured sites look WORSE on the phone instead of better, so that's a point in favor of the static site.
What I -really- want is a browser feature where any only the tab that the mouse is hovering over will have running javascript. Everything, everything else gets "frozen." If the browser doesn't have current focus, then no scripts run at all.
With a user-managed whitelist for things like music streaming services and web-based rich chat rooms, I assume.
Hmm. Maybe web sites looked better and operated a hell of a lot faster in 2004 than the overloaded sites we have today.
Yes I love having to constantly zoom in and out on my phone.
Half the web sites I go to I have to "request desktop site" because the mobile version sucks. I think I prefer the zoom-in paradigm better.
But having a mobile version doesn't mean you need a 2017-style website nightmare.
Sure, sounds good to me. I know it sounds complex and maybe not something the average user would want to hassle with, but maybe the average user is similarly frustrated with web browser slowness and might find that small bit of fiddling worth the overall faster experience.
Or maybe I'm the only guy with 5+ tabs open at once. ^_^