Hi! On Mon, Apr 25, 2022 at 9:09 AM Kenji Baheux <kenjibah...@chromium.org> wrote:
> The Authorization header should be supported in Early Hints. > Please share a concrete example if this doesn't work as you'd hope. > Kenji, I think there is some misunderstanding here between what I am concerned about (what is possible with HTTP2 push and not with Early Hints). So with Early Hints Authorization header is supported in the following way: HTTP/1.1 103 Early Hints Link: /api/data.json; rel=preload; as=fetch Authorization: Bearer foobar But this does not mean that the browser will use that header when doing a request to preload the /api/data.json. So preloading resources which require authorization is not possible with Early Hints. But it is possible with HTTP2 push. Similar and related issue is with Accept header and content negotiation. It is not possible to define a Link header which would for example request application/json response, when multiple responses are possible. This has been reported independently at [1]. So to me it looks like Early Hints support only simple public requests, no authorization, no content negotiation. As such they are not suitable to preload data from API endpoints. While HTTP2 push can support such use cases. [1] https://bugs.chromium.org/p/chromium/issues/detail?id=962642 Am I missing something obvious about the Link header which would address those concerns? Mitar -- http://mitar.tnode.com/ https://twitter.com/mitar_m -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAKLmikN3SaqDDXgQrS%2B8mqk717FnvMfudjtYn7%3DKLq3Snt777w%40mail.gmail.com.
