Re: [webkit-dev] New iOS versions sending bogus User-Agent build data

2018-04-26 Thread Colin Bendell | +1.613.914.3387 
On 26 April 2018 at 13:18, Konstantin Tokarev <annu...@yandex.ru> wrote:
> 26.04.2018, 20:09, "Colin Bendell | +1.613.914.3387" <co...@bendell.ca>:
>> On 26 April 2018 at 12:23, Konstantin Tokarev <annu...@yandex.ru> wrote:
>>>  Not to mention those evil people who reject page loading for user agents
>>>  they don't (want to) support
>>
>> How does locking the UA solve the misbehaving parsers in the wild?
>
> There will be less information in UA and therefore less reasons for developers
> to do this, instead of using direct feature testing
>
>> They will still misbehave and break the user experience. However,
>> those of us that are trying to optimize the user experience by working
>> around bugs for specific versions are now handicapped and punished.
>
> While parsing UA string handicaps and punishes users of alternative user 
> agents.

Can you give me an example where UA parsing is punishing users of
alternative user agents? Is this a theoretical problem, or a
widespread problem? I'm not asking to be divisive, but because I know
for a fact that UA parsing is improving the user experience. I can
give you dozens of examples where we must resort to UA parsing for the
betterment of the user (for all flavors of UAs).

Do you have any alternatives other than "more javascript"?

Again I ask, is there room for compromise where we can expose the
version details in the UA (or some alternative) so that we ensure a
consistent and optimized user experience?

/colin
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-dev

Re: [webkit-dev] New iOS versions sending bogus User-Agent build data

2018-04-26 Thread Colin Bendell | +1.613.914.3387 
On 26 April 2018 at 12:23, Konstantin Tokarev  wrote:
> 26.04.2018, 19:16, "Michael Catanzaro" :
>> On Thu, Apr 26, 2018 at 11:13 AM, Michael Catanzaro  
>> wrote:
>>>  By fixing the WebKit bug, of course. And in the meantime you can work
>>>  around it on the server side by not using img src=mp4, right?

Today, we can work around it by ignoring the Accept field. However,
tomorrow once the bug is fixed we will be in the paradox of not
knowing which versions of Safari are telling the truth.


>> Consider the other perspective on this problem. If other servers look
>> at the WebKit version in the UA to determine if WebKit supports img
>> src=mp4, other WebKit ports that don't support this are going to be out
>> of luck and get broken pages. I know that's not what you're doing --
>> you're looking at iOS version instead, and only doing it to work around
>> a specific bug, which is much better -- but the problem of websites
>> sending bad content based on bad user agent parsing is so severe that
>> we don't have many good options, here. :/
>
> Not to mention those evil people who reject page loading for user agents
> they don't (want to) support

How does locking the UA solve the misbehaving parsers in the wild?
They will still misbehave and break the user experience. However,
those of us that are trying to optimize the user experience by working
around bugs for specific versions are now handicapped and punished.

The reality is that bugs exist. There is a give and take here where
the content negotiation is sometimes smarter on the client, and
sometimes smarter on the server. In the case of media, the server is
usually smarter and must be because of the long tail of adoption.

Ideally everyone on the planet will adopt to ios V.Latest overnight,
but sadly this will not be the case. Servers must account for the long
tail of users on many different versions. Right now we are forced to
decide to apply a solution that works only for v.latest, or apply a
solution that works for v.lowest-common-denominator. In both scenarios
we compromise the user experience. Ideally we wouldn't have to
sacrifice some users and would be able to account for bugs in the
wild.

As I said before, if this detail is available in javascript, then why
hide it on the wire? Perhaps it's time for a User-Agent2 with precise
feature declarations? Even still a version number is needed because,
well, bugs.

While I understand the fingerprinting concern, I'm not particularly
convinced that UA obfuscation is the best solution for users and the
user experience. Without opening up the religious debate of
fingerprinting with the UA, how can provide enough detail (version
numbers) so that service providers can work toward the greater good of
improving the user experience?

Is there room for compromise?

/colin
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-dev

Re: [webkit-dev] New iOS versions sending bogus User-Agent build data

2018-04-26 Thread Colin Bendell | +1.613.914.3387 
I'm running into this issue right now with the locked UA. Here are the
challenges:
1. ios 11.3 safari bug broke  despite advertising
`accept: video/*` in the request. (see bug 185029). I now need to use
UA detection to patch versions of a response based on existing bugs.
In short, we as an industry, depend on UA parsing to work around bugs.
This happened last year when the jp2k support increased to 10bit depth
and the decoder was inflating the 8bit colour pallet to 10bit. We
needed to use UA parsing to determine if it was safe to send jp2k
images to a device. I have a laundry list of other examples where the
server might actually know more than the client to prevent a) a broken
user experience and b) prevent cellular data waste.

2. Javascript based feature detection is inefficient and slows down
safari' preloader. The preloader is one of the best performance
enhancements to come to the modern browser. Using javscript for
feature detection is a step backward for the preloader. Webkit does
not provide enough declarations of its feature set in HTTP headers so
we resort to UA device characteristics. If the features are available
with javascript inquiry, then how is that any different than exposing
these features at request time?

In short, we are stuck. blocking the UA like this will degrading the
user experience because it will force us to either not take advantage
of cell-data/cpu/battery improvements (like sending mp4s instead of
animated gifs) or it will force us to use javascript and likewise
degrade the user experience with slower web experiences.

How do we navigate this?

/colin

On 26 April 2018 at 11:22, Michael Catanzaro  wrote:
> On Thu, Apr 26, 2018 at 7:15 AM, Ricky Young  wrote:
>>
>> I guess that soon it won't be possible to determine iOS version
>> distribution using User-Agent sniffing. Right? Is there an alternative for
>> the browser to tell the iOS version?
>
>
> Hi,
>
> The very point of no longer sending the verison in the user agent is to make
> it difficult for websites to determine the operating system version.
>
> We already have to deal with enough serious web compatibility problems
> caused by the rest of the information in the user agent. I'm pleased that
> the version number is now stable -- that's a huge improvement -- but I won't
> be happy until Safari and other major browsers start sending
> fully-randomized UAs, or else a stub or blank UA ("Mozilla/5.0").
>
> Michael
>
>
> ___
> webkit-dev mailing list
> webkit-dev@lists.webkit.org
> https://lists.webkit.org/mailman/listinfo/webkit-dev
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-dev

Re: [webkit-dev] where should tests reside? tests/preload v. tests/loading

2017-11-08 Thread Colin Bendell | +1.613.914.3387 
On 8 November 2017 at 09:57, Konstantin Tokarev  wrote:

>> 2) how is the debug level enabled for http/tests/loading? Is there a
>> way to control this threshold programatically in the test?
>
> This is printed by InjectedBundle used in testing
> (see Tools/WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp)

ahh! I see the url grep in TestInvocation.cpp for "loading/" that
enables this. Too bad this isn't declared by the test itself (though I
understand why)

thanks,
/colin
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-dev

[webkit-dev] where should tests reside? tests/preload v. tests/loading

2017-11-08 Thread Colin Bendell | +1.613.914.3387 
I'm chasing down racy logging with one of my tests and I've noticed
some duplication for preloader tests. Specifically:
1) when should you organize preload tests in
LayoutTests/http/tests/preload v.
LayoutTests/http/tests/loading/preload*? I'm assuming that the real
reason is the debug level?

2) how is the debug level enabled for http/tests/loading? Is there a
way to control this threshold programatically in the test?

(an example debug line in question:"main frame -
didStartProvisionalLoadForFrame")

thanks,
/colin
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-dev

[webkit-dev] buildbot / ios-sim failing on serviceworket tests?

2017-11-06 Thread Colin Bendell | +1.613.914.3387 
Can someone provide guidance on how I should interpret serviceworker
failures on the ios-sim queue? The same buildbot error appears in
other patches:

https://webkit-queues.webkit.org/results/5118974 (bug 179231)
https://webkit-queues.webkit.org/results/5121120 (bug 179285)

thoughts?

/colin
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-dev