Proposal to schedule a shared storage worklet to run in the future, particularly from contexts that normally can't run worklets #174

Open
jkarlin opened this issue Aug 29, 2024 · 3 comments

@jkarlin
jkarlin commented Aug 29, 2024

There are two places where one can write to shared storage but can’t run a worklet, meaning missed private aggregation based reporting opportunities if the writer doesn't have script access on the page. The two places are 1) when writing to shared storage via a response header and 2) when writing to shared storage from Protected Audience worklets.

It would be nice if the writer could schedule a worklet to run in the future. The browser could coalesce such requests and rate-limit them by origin to reduce performance issues. It might look something like:

scheduleWorklet(scriptURL, {operation: "opName", data: {<enter your contextual data here>}});

And the response header mechanism would likely be similar to that used for writing to shared storage via response headers, and require a similar opt-in from the publisher. Something like:

The worklet script would be fetched and executed sometime in the future, likely rate limited to preserve resources. This would allow folks to write data in buyer and seller PA worklets, or via response headers, and feel comfortable that sometime soon they'd get to process the data in a worklet and generate a private aggregation report via shared storage.

What do you all think? Would this be useful? Please let us know about your use cases and if this fits the need or how it might be adjusted.

@MattMenke2
What's to prevent leaking information in the script URL, like can currently be done via event-level reporting?

e.g., from generateBid(), use a scriptURL of "https://tracker.com/tracked-user-Matt-from-site1.com-visited-site2.com-and-his-id-there-is-1234.js"?

@jkarlin
jkarlin commented Aug 30, 2024

Not entirely ironed out, but the idea was roughly that the data origin of the shared storage worklet would match that of the calling PA worklet, and that the script url would need to be predeclared (e.g., in a short list of script urls hosted at https://buyerorigin/.well-known/shared-storage/X address or via some other header/js).
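
The predeclaration check described in the comment above, sketched as an added example (not part of the proposal, the thread, or any browser implementation). It assumes the predeclared list is a JSON array of script URLs, a format the thread does not specify; the function names, the `buyer.example` origin and the list cap are hypothetical.

```javascript
// Added illustration; not code from the Shared Storage proposal or a browser.
// Assumption: the predeclared list is a JSON array of absolute script URLs.

// Keep only https URLs on the declaring origin with no query or fragment.
// maxEntries is a hypothetical cap: a short list bounds how many distinct
// values the choice of script URL can encode.
function parseDeclaredScripts(listJson, declaringOrigin, maxEntries = 5) {
  let entries;
  try { entries = JSON.parse(listJson); } catch { return new Set(); }
  if (!Array.isArray(entries)) return new Set();
  const allowed = new Set();
  for (const entry of entries.slice(0, maxEntries)) {
    if (typeof entry !== "string") continue;
    let url;
    try { url = new URL(entry); } catch { continue; }
    if (url.protocol !== "https:" || url.origin !== declaringOrigin) continue;
    if (url.search || url.hash) continue;
    allowed.add(url.href);
  }
  return allowed;
}

// Accept a scheduling request only for a same-origin, predeclared script URL.
function checkScheduleRequest(callerOrigin, scriptURL, allowed) {
  let url;
  try { url = new URL(scriptURL); } catch { return { ok: false, reason: "invalid-url" }; }
  if (url.origin !== callerOrigin) return { ok: false, reason: "cross-origin" };
  if (!allowed.has(url.href)) return { ok: false, reason: "not-predeclared" };
  return { ok: true, reason: "predeclared" };
}

// Constructed sample data (hypothetical origin and paths).
const BUYER = "https://buyer.example";
const LIST = JSON.stringify([
  "https://buyer.example/worklets/report.js",
  "https://buyer.example/worklets/report.js?uid=1234", // dropped: query string
  "https://other.example/worklets/x.js",               // dropped: foreign origin
]);
const declared = parseDeclaredScripts(LIST, BUYER);
for (const candidate of [
  "https://buyer.example/worklets/report.js",
  "https://buyer.example/worklets/user-1234.js",
  "https://tracker.com/tracked-user-Matt-from-site1.com-visited-site2.com-and-his-id-there-is-1234.js",
]) {
  console.log(checkScheduleRequest(BUYER, candidate, declared).reason, candidate);
}
```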

@alois-bissuel
Hi,

Landing a bit late on this issue. This would be very useful for quite a few use cases in Protected Audience (for instance WICG/turtledove#1182).

I am not sure I completely understand the specifics, though, especially the coalescing part. Would the worklet be called with a concatenation of all the arguments of all the calls to scheduleWorklets in a given timeframe?
