HTML Standard

HTML Standard
7.6
Speculative loading
7.6.1
Speculation rules
7.6.1.1
Data model
7.6.1.2
Parsing
7.6.1.3
Processing model
7.6.2
Navigational prefetching
7.6.3
The `
Speculation-Rules
` header
7.6.4
The `
Sec-Speculation-Tags
` header
7.6.5
Security considerations
7.6.5.1
Cross-site requests
7.6.5.2
Injected content
7.6.5.3
IP anonymization
7.6.6
Privacy considerations
7.6.6.1
Heuristics and optionality
7.6.6.2
State partitioning
7.6.6.3
Identity joining
7.7
The `
X-Frame-Options
` header
7.8
The `
Refresh
` header
7.9
Browser user interface
considerations
7.6
Speculative loading
Speculative loading is the practice of performing navigation actions, such as prefetching,
ahead of navigation starting. This makes subsequent navigations faster.
Developers can initiate speculative loads by using
speculation rules
. User agents might also perform speculative loads in certain
implementation-defined
scenarios, such as typing into the address bar.
7.6.1
Speculation rules
Speculation rules
are how developers instruct the
browser about speculative loading operations that the developer believes will be beneficial. They
are delivered as JSON documents, via either:
inline
script
elements with their
type
attribute set to "
speculationrules
"; or
resources fetched from a URL specified in the `
Speculation-Rules
` HTTP
response header.
The following JSON document is parsed into a
speculation rule set
specifying a
number of desired conditions for the user agent to
start a referrer-initiated navigational
prefetch
"prefetch"
"urls"
"/chapters/5"
},
"eagerness"
"moderate"
"where"
"and"
"href_matches"
"/*"
},
"not"
"selector_matches"
".no-prefetch"
A JSON document representing a
speculation rule set
must meet the following
speculation rule set authoring requirements
It must be valid JSON.
[JSON]
The JSON must represent a JSON object, with at most three keys "
tag
",
prefetch
" and "
prerender
".
In this standard, "
prerender
" is optionally converted to
prefetch
at parse time
. Some
implementations might implement different behavior for prerender, as specified in
Prerendering Revamped
[PRERENDERING-REVAMPED]
The value corresponding to the "
tag
" key, if present, must be a
speculation rule tag
The values corresponding to the "
prefetch
" and "
prerender
" keys, if present, must be arrays of
valid speculation rules
valid speculation rule
is a JSON object that meets the following requirements:
It must have at most the following keys: "
source
", "
urls
", "
where
", "
relative_to
",
eagerness
", "
referrer_policy
", "
tag
", "
requires
", "
expects_no_vary_search
", or "
target_hint
".
In this standard,
target_hint
" is ignored
The value corresponding to the "
source
" key, if present, must be
either "
list
" or "
document
".
If the value corresponding to the "
source
" key is "
list
", then the "
urls
" key must be present, and the
where
" key must be absent.
If the value corresponding to the "
source
" key is "
document
", then the "
urls
" key must be absent.
The "
urls
" and "
where
" keys must not both be
present.
If the value corresponding to the "
source
" key is "
document
" or the "
where
" key is present, then the "
relative_to
" key must be absent.
The value corresponding to the "
urls
" key, if present, must be an
array of
valid URL strings
The value corresponding to the "
where
" key, if present, must be a
valid document rule predicate
The value corresponding to the "
relative_to
" key, if present, must
be either "
ruleset
" or "
document
".
The value corresponding to the "
eagerness
" key, if present, must be
speculation rule eagerness
The value corresponding to the "
referrer_policy
" key, if present,
must be a
referrer policy
The value corresponding to the "
tag
" key, if present, must be a
speculation rule tag
The value corresponding to the "
requires
" key, if present, must be
an array of
speculation rule
requirements
The value corresponding to the "
expects_no_vary_search
" key, if
present, must be a
string
that is
parseable
as a `
No-Vary-Search
` header value.
valid document rule predicate
is a JSON object that meets the following
requirements:
It must contain exactly one of the keys "
and
", "
or
", "
not
", "
href_matches
", or
selector_matches
".
It must not contain any keys apart from the above or "
relative_to
".
If it contains the key "
relative_to
", then it must also contain the
key "
href_matches
".
The value corresponding to the "
relative_to
" key, if present, must
be either "
ruleset
" or "
document
".
The value corresponding to the "
and
" or "
or
keys, if present, must be arrays of
valid document
rule predicates
The value corresponding to the "
not
" key, if present, must be a
valid document rule predicate
The value corresponding to the "
href_matches
" key, if present, must
be either a
valid URL pattern input
or an array of
valid URL pattern inputs
The value corresponding to the "
selector_matches
" key, if present,
must be either a
string
matching

or an array of
strings
that match

valid URL pattern input
is either:
scalar value string
that can be successfully
parsed
as a URL pattern constructor string, or;
a JSON object whose keys are drawn from the members of the
URLPatternInit
dictionary and whose values are
scalar value
strings
7.6.1.1
Data model
speculation rule set
is a
struct
with the following
items
prefetch rules
, a
list
of
speculation rules
, initially empty
In the future, other rules will be possible, e.g., prerender rules. See
Prerendering Revamped
for such not-yet-accepted extensions.
[PRERENDERING-REVAMPED]
speculation rule
is a
struct
with the following
items
URLs
, an
ordered set
of
URLs
predicate
, a
document rule predicate
or
null
eagerness
, a
speculation rule
eagerness
referrer policy
, a
referrer
policy
tags
, an
ordered set
of
speculation rule tags
requirements
, an
ordered set
of
speculation rule requirements
No-Vary-Search hint
, a
URL search
variance
document rule predicate
is one of the following:
document rule conjunction
document rule disjunction
document rule negation
document rule URL pattern predicate
; or
document rule selector predicate
document rule conjunction
is a
struct
with the following
items
clauses
, a
list
of
document rule predicates
document rule disjunction
is a
struct
with the following
items
clauses
, a
list
of
document rule predicates
document rule negation
is a
struct
with the following
items
clause
, a
document rule predicate
document rule URL pattern predicate
is a
struct
with the following
items
patterns
, a
list
of
URL patterns
document rule selector predicate
is a
struct
with the following
items
selectors
, a
list
of
selectors
speculation rule eagerness
is one of the following
strings
immediate
The developer believes that performing the associated speculative loads is very likely to
be worthwhile, and they might also expect that load to require significant lead time to complete.
User agents should usually enact the speculative load candidate as soon as practical, subject
only to considerations such as user preferences, device conditions, and resource limits.
eager
User agents should enact the speculative load candidate on even a slight suggestion that
the user may navigate to this URL in the future. For instance, the user might have moved the
cursor toward a link or hovered it, even momentarily, or paused scrolling when the link is one of
the more prominent ones in the viewport. The author is seeking to capture as many navigations as
possible, as early as possible.
moderate
User agents should enact the candidate if user behavior suggests the user may navigate to
this URL in the near future. For instance, the user might have scrolled a link into the viewport
and shown signs of being likely to click it, e.g., by moving the cursor over it for some time.
The developer is seeking a balance between "
eager
" and
conservative
".
conservative
User agents should enact the candidate only when the user is very likely to navigate to
this URL at any moment. For instance, the user might have begun to interact with a link. The
developer is seeking to capture some of the benefits of speculative loading with a fairly small
tradeoff of resources.
speculation rule eagerness
is
less eager
than another
speculation rule
eagerness
if
follows
in the above list.
speculation rule eagerness
is
at least as eager
as another
speculation rule
eagerness
if
is not
less
eager
than
speculation rule tag
is either an
ASCII string
whose
code points
are all in the range U+0020 to U+007E inclusive, or
null.
This code point range restriction ensures the value can be sent in an HTTP header
with no escaping or modification.
speculation rule requirement
is the string "
anonymous-client-ip-when-cross-origin
".
In the future, more possible requirements might be defined.
7.6.1.2
Parsing
Since speculative loading is a progressive enhancement, this standard is fairly conservative
in its parsing behavior. In particular, unknown keys or invalid values usually cause parsing
failure, since it is safer to do nothing than to possibly misinterpret a speculation rule.
That said, parsing failure for a single speculation rule still allows other speculation rules
to be processed. It is only in the case of top-level misconfiguration that the entire speculation
rule set is discarded.
To
parse a speculation rule set string
given a
string
input
Document
document
, and a
URL
baseURL
Let
parsed
be the result of
parsing a JSON string to an Infra value
given
input
If
parsed
is not a
map
, then throw a
TypeError
indicating that the top-level value needs to be a JSON object.
Let
result
be a new
speculation rule set
Let
tag
be null.
If
parsed
["
tag
"]
exists
If
parsed
["
tag
"] is not a
speculation rule
tag
, then throw a
TypeError
indicating that the speculation rule tag is
invalid.
Set
tag
to
parsed
["
tag
"].
Let
typesToTreatAsPrefetch
be « "
prefetch
" ».
The user agent may
append
prerender
" to
typesToTreatAsPrefetch
Since this specification
only includes prefetching, this allows user agents to treat requests for prerendering as
requests for prefetching. User agents which implement prerendering, per the
Prerendering
Revamped
specification, will instead interpret these as prerender requests.
[PRERENDERING-REVAMPED]
For each
type
of
typesToTreatAsPrefetch
If
parsed
type
exists
If
parsed
type
] is a
list
, then
for each
rule
of
parsed
type
]:
Let
rule
be the result of
parsing
a speculation rule
given
rule
tag
document
, and
baseURL
If
rule
is null, then
continue
Append
rule
to
result
's
prefetch rules
Otherwise, the user agent may
report a warning to the console
indicating
that the rules list for
type
needs to be a JSON array.
Return
result
To
parse a speculation rule
given a
map
input
, a
speculation rule tag
rulesetLevelTag
, a
Document
document
, and a
URL
baseURL
If
input
is not a
map
The user agent may
report a warning to the console
indicating that the rule
needs to be a JSON object.
Return null.
If
input
has any
key
other than "
source
", "
urls
", "
where
", "
relative_to
", "
eagerness
", "
referrer_policy
", "
tag
", "
requires
", "
expects_no_vary_search
", or "
target_hint
":
The user agent may
report a warning to the console
indicating that the rule
has unrecognized keys.
Return null.
target_hint
" has no impact on the processing model in this standard. However,
implementations of
Prerendering Revamped
can use it for prerendering rules, and so
requiring user agents to fail parsing such rules would be counterproductive.
[PRERENDERING-REVAMPED]
Let
source
be null.
If
input
["
source
"]
exists
, then set
source
to
input
["
source
"].
Otherwise, if
input
["
urls
"]
exists
and
input
["
where
"] does not
exist
, then set
source
to "
list
".
Otherwise, if
input
["
where
"]
exists
and
input
["
urls
"] does not
exist
, then set
source
to "
document
".
If
source
is neither "
list
" nor "
document
":
The user agent may
report a warning to the console
indicating that a source
could not be inferred or an invalid source was specified.
Return null.
Let
urls
be an empty
list
Let
predicate
be null.
If
source
is "
list
":
If
input
["
where
"]
exists
The user agent may
report a warning to the console
indicating that there
were conflicting sources for this rule.
Return null.
If
input
["
relative_to
"]
exists
If
input
["
relative_to
"] is neither "
ruleset
" nor "
document
":
The user agent may
report a warning to the console
indicating that the
supplied relative-to value was invalid.
Return null.
If
input
["
relative_to
"] is "
document
", then set
baseURL
to
document
's
document base URL
If
input
["
urls
"] does not
exist
or is not a
list
The user agent may
report a warning to the console
indicating that the
supplied URL list was invalid.
Return null.
For each
urlString
of
input
["
urls
"]:
If
urlString
is not a string:
The user agent may
report a warning to the console
indicating that the
supplied URL must be a string.
Return null.
Let
parsedURL
be the result of
URL parsing
urlString
with
baseURL
If
parsedURL
is failure, or
parsedURL
's
scheme
is not an
HTTP(S) scheme
The user agent may
report a warning to the console
indicating that the
supplied URL string was unparseable.
Continue
Append
parsedURL
to
urls
If
source
is "
document
":
If
input
["
urls
"] or
input
["
relative_to
"]
exists
The user agent may
report a warning to the console
indicating that there
were conflicting sources for this rule.
Return null.
If
input
["
where
"] does not
exist
, then set
predicate
to a
document rule
conjunction
whose
clauses
is an empty
list
Such a predicate will match all links.
Otherwise, set
predicate
to the result of
parsing a document rule predicate
given
input
["
where
"],
document
, and
baseURL
If
predicate
is null, then return null.
Let
eagerness
be "
immediate
" if
source
is "
list
"; otherwise, "
conservative
".
If
input
["
eagerness
"]
exists
If
input
["
eagerness
"] is not a
speculation rule
eagerness
The user agent may
report a warning to the console
indicating that the
eagerness was invalid.
Return null.
Set
eagerness
to
input
["
eagerness
"].
Let
referrerPolicy
be the empty string.
If
input
["
referrer_policy
"]
exists
If
input
["
referrer_policy
"] is not a
referrer
policy
The user agent may
report a warning to the console
indicating that the
referrer policy was invalid.
Return null.
Set
referrerPolicy
to
input
["
referrer_policy
"].
Let
tags
be an empty
ordered set
If
rulesetLevelTag
is not null, then
append
rulesetLevelTag
to
tags
If
input
["
tag
"]
exists
If
input
["
tag
"] is not a
speculation rule
tag
The user agent may
report a warning to the console
indicating that the
tag was invalid.
Return null.
Append
input
["
tag
"]
to
tags
If
tags
is empty
, then
append
null to
tags
Assert
tags
's
size
is either 1 or
2.
Let
requirements
be an empty
ordered set
If
input
["
requires
"]
exists
If
input
["
requires
"] is not a
list
The user agent may
report a warning to the console
indicating that the
requirements were not understood.
Return null.
For each
requirement
of
input
["
requires
"]:
If
requirement
is not a
speculation rule requirement
The user agent may
report a warning to the console
indicating that the
requirement was not understood.
Return null.
Append
requirement
to
requirements
Let
noVarySearchHint
be the
default URL search variance
If
input
["
expects_no_vary_search
"]
exists
If
input
["
expects_no_vary_search
"] is not a
string
The user agent may
report a warning to the console
indicating that the
No-Vary-Search
` hint was invalid.
Return null.
Set
noVarySearchHint
to the result of
parsing a URL search variance
given
input
["
expects_no_vary_search
"].
Return a
speculation rule
with:
URLs
urls
predicate
predicate
eagerness
eagerness
referrer policy
referrerPolicy
tags
tags
requirements
requirements
No-Vary-Search hint
noVarySearchHint
To
parse a document rule predicate
given a value
input
, a
Document
document
, and a
URL
baseURL
If
input
is not a
map
The user agent may
report a warning to the console
indicating that the
document rule predicate was invalid.
Return null.
If
input
does not
contain
exactly one of "
and
", "
or
", "
not
", "
href_matches
", or "
selector_matches
":
The user agent may
report a warning to the console
indicating that the
document rule predicate was empty or ambiguous.
Return null.
Let
predicateType
be the single key found in the previous step.
If
predicateType
is "
and
" or "
or
":
If
input
has any
key
other than
predicateType
The user agent may
report a warning to the console
indicating that the
document rule predicate had unexpected extra options.
Return null.
If
input
predicateType
] is not a
list
The user agent may
report a warning to the console
indicating that the
document rule predicate had an invalid clause list.
Return null.
Let
clauses
be an empty
list
For each
rawClause
of
input
predicateType
]:
Let
clause
be the result of
parsing a document rule predicate
given
rawClause
document
, and
baseURL
If
clause
is null, then return null.
Append
clause
to
clauses
If
predicateType
is "
and
", then return a
document rule conjunction
whose
clauses
is
clauses
Return a
document rule disjunction
whose
clauses
is
clauses
If
predicateType
is "
not
":
If
input
has any
key
other than "
not
":
The user agent may
report a warning to the console
indicating that the
document rule predicate had unexpected extra options.
Return null.
Let
clause
be the result of
parsing a document rule predicate
given
input
predicateType
],
document
, and
baseURL
If
clause
is null, then return null.
Return a
document rule negation
whose
clause
is
clause
If
predicateType
is "
href_matches
":
If
input
has any
key
other than "
href_matches
" or "
relative_to
":
The user agent may
report a warning to the console
indicating that the
document rule predicate had unexpected extra options.
Return null.
If
input
["
relative_to
"]
exists
If
input
["
relative_to
"] is neither "
ruleset
" nor "
document
":
The user agent may
report a warning to the console
indicating that the
supplied relative-to value was invalid.
Return null.
If
input
["
relative_to
"] is "
document
", then set
baseURL
to
document
's
document base URL
Let
rawPatterns
be
input
["
href_matches
"].
If
rawPatterns
is not a
list
, then set
rawPatterns
to
rawPatterns
».
Let
patterns
be an empty
list
For each
rawPattern
of
rawPatterns
Let
pattern
be the result of
building a URL pattern from an Infra value
given
rawPattern
and
baseURL
. If this step throws an exception, catch the exception and set
pattern
to null.
If
pattern
is null:
The user agent may
report a warning to the console
indicating that the
supplied URL pattern was invalid.
Return null.
Append
pattern
to
patterns
Return a
document rule URL pattern predicate
whose
patterns
is
patterns
If
predicateType
is "
selector_matches
":
If
input
has any
key
other than "
selector_matches
":
The user agent may
report a warning to the console
indicating that the
document rule predicate had unexpected extra options.
Return null.
Let
rawSelectors
be
input
["
selector_matches
"].
If
rawSelectors
is not a
list
, then set
rawSelectors
to «
rawSelectors
».
Let
selectors
be an empty
list
For each
rawSelector
of
rawSelectors
Let
parsedSelectorList
be failure.
If
rawSelector
is a string, then set
parsedSelectorList
to the
result of
parsing a selector
given
rawSelector
If
parsedSelectorList
is failure:
The user agent may
report a warning to the console
indicating that the
supplied selector list was invalid.
Return null.
For each
selector
of
parsedSelectorList
append
selector
to
selectors
Return a
document rule selector predicate
whose
selectors
is
selectors
Assert
: this step is never reached, as one of the previous branches was
taken.
7.6.1.3
Processing model
speculative load candidate
is a
struct
with the following
items
URL
, a
URL
No-Vary-Search hint
, a
URL search
variance
eagerness
, a
speculation rule
eagerness
referrer policy
, a
referrer
policy
tags
, an
ordered set
of
speculation rule tags
prefetch candidate
is a
speculative load candidate
with the following
additional
item
anonymization policy
, a
prefetch IP anonymization policy
prefetch IP anonymization policy
is either null or a
cross-origin prefetch
IP anonymization policy
cross-origin prefetch IP anonymization policy
is a
struct
whose
single
item
is its
origin
, an
origin
speculative load candidate
candidateA
is
redundant with
another
speculative load
candidate
candidateB
if the following steps return true:
If
candidateA
's
No-Vary-Search hint
is not equal to
candidateB
's
No-Vary-Search
hint
, then return false.
If
candidateA
's
URL
is not
equivalent modulo search variance
to
candidateB
's
URL
given
candidateA
's
No-Vary-Search hint
, then return false.
Return true.
The requirement that the
No-Vary-Search hints
be
equivalent is somewhat strict. It means that some cases which could theoretically be treated as
matching, are not treated as such. Thus, redundant speculative loads could happen.
However, allowing more lenient matching makes the check no longer an equivalence relation, and
producing such matches would require an implementation strategy that does a full comparison,
instead of a simpler one using normalized URL keys. This is in line with the best practices for
server operators, and attendant HTTP cache implementation notes, in
No
Vary Search
§ 6 Comparing
In practice, we do not expect this to cause redundant speculative loads, since server
operators and the corresponding speculation rules-writing web developers will follow best
practices and use static `
No-Vary-Search
` header values/speculation rule hints.
Consider three
speculative load
candidates
has a
URL
of
and a
No-Vary-Search hint
parsed from
params=("a")
has a
URL
of
and a
No-Vary-Search hint
parsed from
params=("b")
has a
URL
of
and a
No-Vary-Search hint
parsed from
params=("a")
With the current definition of
redundant
with
, none of these candidates are redundant with each other. A
speculation rule
set
which contained all three could cause three separate speculative loads.
A definition which did not require equivalent
No-Vary-Search hints
could consider
and
to match (using
's
No-Vary-Search
hint
), and
and
to match (using
's
No-Vary-Search hint
). But it could not consider
and
to match, so it would not be transitive, and thus not an
equivalence relation.
Every
Document
has
speculation rule sets
, a
list
of
speculation rule sets
, initially
empty.
Every
Document
has a
consider speculative loads microtask queued
, a
boolean, initially false.
To
consider speculative loads
for a
Document
document
If
document
's
node navigable
is not a
top-level
traversable
, then return.
Supporting speculative loads into
child
navigables
has some complexities and is not currently defined. It might be possible to
define it in the future.
If
document
's
consider speculative loads microtask queued
is true,
then return.
Set
document
's
consider speculative loads microtask queued
to
true.
Queue a microtask
given
document
to run the following steps:
Set
document
's
consider speculative loads microtask queued
to
false.
Run the
inner consider speculative loads steps
for
document
In addition to the call sites explicitly given in this standard:
When style recalculation would cause selector matching results to change, the user agent
must
consider speculative loads
for the relevant
Document
When the user indicates interest in
hyperlinks
, in one of the
implementation-defined
ways that the user agent uses to implement the
speculation rule eagerness
heuristics, the user agent may
consider
speculative loads
for the hyperlink's
node document
For example, a user agent which implements "
conservative
" eagerness by watching for
pointerdown
events would want to
consider speculative
loads
as part of reacting to such events.
In this standard, every call to
consider speculative loads
is given just a
Document
, and the algorithm re-computes all possible candidates in a stateless way.
A real implementation would likely cache previous computations, and pass along information from
the call site to make updates more efficient. For example, if an
element's
href
attribute is changed, that specific element could be
passed along in order to update only the related
speculative load candidate
Note that because of how
consider speculative loads
queues a microtask, by the
time the
inner consider speculative loads steps
are run, multiple updates (or
cancelations
) might be processed
together.
The
inner consider speculative loads steps
for a
Document
document
are:
If
document
is not
fully active
, then return.
Let
prefetchCandidates
be an empty
list
For each
ruleSet
of
document
's
speculation rule sets
For each
rule
of
ruleSet
's
prefetch rules
Let
anonymizationPolicy
be null.
If
rule
's
requirements
contains
anonymous-client-ip-when-cross-origin
", then set
anonymizationPolicy
to a
cross-origin prefetch IP anonymization
policy
whose
origin
is
document
's
origin
For each
url
of
rule
's
URLs
Let
referrerPolicy
be the result of
computing a speculative load referrer policy
given
rule
and null.
Append
a new
prefetch candidate
with
URL
url
No-Vary-Search hint
rule
's
No-Vary-Search hint
eagerness
rule
's
eagerness
referrer policy
referrerPolicy
tags
rule
's
tags
anonymization policy
anonymizationPolicy
to
prefetchCandidates
If
rule
's
predicate
is not null:
Let
links
be the result of
finding
matching links
given
document
and
rule
's
predicate
For each
link
of
links
Let
referrerPolicy
be the result of
computing a speculative load referrer policy
given
rule
and
link
Append
a new
prefetch candidate
with
URL
link
's
url
No-Vary-Search hint
rule
's
No-Vary-Search hint
eagerness
rule
's
eagerness
referrer policy
referrerPolicy
tags
rule
's
tags
anonymization policy
anonymizationPolicy
to
prefetchCandidates
For each
prefetchRecord
of
document
's
prefetch records
If
prefetchRecord
's
source
is
not "
speculation rules
", then
continue
Assert
prefetchRecord
's
state
is not "
canceled
".
If
prefetchRecord
is not
still being speculated
given
prefetchCandidates
, then
cancel
and discard
prefetchRecord
given
document
Let
prefetchCandidateGroups
be an empty
list
For each
candidate
of
prefetchCandidates
Let
group
be «
candidate
».
Extend
group
with all
items
in
prefetchCandidates
, apart from
candidate
itself,
which are
redundant with
candidate
and whose
eagerness
is
at least as eager
as
candidate
's
eagerness
If
prefetchCandidateGroups
contains
another group whose
items
are the same as
group
ignoring order, then
continue
Append
group
to
prefetchCandidateGroups
The following speculation rules generate two
redundant
prefetch candidates
"prefetch"
"tag"
"a"
"urls"
"next.html"
},
"tag"
"b"
"urls"
"next.html"
],
"referrer_policy"
"no-referrer"
This step will create a single group containing them both, in the given order. (The second
pass through will not create a group, since its contents would be the same as the first group,
just in a different order.) This means that if the user agent chooses to execute the "may" step
below to enact the group, it will enact the first candidate, and ignore the second. Thus, the
request will be made with the
default referrer policy
, instead of using "
no-referrer
".
However, the
collect tags from speculative load candidates
algorithm will
collect tags from both candidates in the group, so the `
Sec-Speculation-Tags
header value will be `
"a", "b"
`. This indicates to server operators that
either rule could have caused the speculative load.
For each
group
of
prefetchCandidateGroups
The user agent may run the following steps:
Let
prefetchCandidate
be
group
[0].
Let
tagsToSend
be the result of
collecting tags from speculative load candidates
given
group
Let
prefetchRecord
be a new
prefetch record
with
source
speculation rules
URL
prefetchCandidate
's
URL
No-Vary-Search hint
prefetchCandidate
's
No-Vary-Search
hint
referrer policy
prefetchCandidate
's
referrer
policy
anonymization policy
prefetchCandidate
's
anonymization policy
tags
tagsToSend
Start a referrer-initiated navigational prefetch
given
document
and
prefetchRecord
When deciding whether to execute this "may" step, user agents should consider
prefetchCandidate
's
eagerness
, in
accordance to the current behavior of the user and the definitions of
speculation rule
eagerness
prefetchCandidate
's
No-Vary-Search
hint
can also be useful in implementing the heuristics defined for the
speculation rule eagerness
values. For example, a user hovering of a link whose
URL
is
equivalent modulo search
variance
to
prefetchCandidate
's
URL
given
prefetchCandidate
's
No-Vary-Search
hint
could indicate to the user agent that performing this step would be useful.
When deciding whether to execute this "may" step, user agents should prioritize user
preferences (express or implied, such as data-saver or battery-saver modes) over the eagerness
supplied by the web developer.
To
compute a speculative load referrer policy
given a
speculation rule
rule
and an
element,
area
element, or null
link
If
rule
's
referrer policy
is not the
empty string, then return
rule
's
referrer
policy
If
link
is null, then return the empty string.
Return
link
's
hyperlink referrer policy
To
collect tags from speculative load candidates
given a
list
of
speculative load candidates
candidates
Let
tags
be an empty
ordered set
For each
candidate
of
candidates
For each
tag
of
candidate
's
tags
append
tag
to
tags
Sort in ascending order
tags
, with
tagA
being less than
tagB
if
tagA
is null, or if
tagA
is
code unit less than
tagB
Return
tags
To
find matching links
given a
Document
document
and a
document rule predicate
predicate
Let
links
be an empty
list
For each
shadow-including descendant
descendant
of
document
, in
shadow-including tree order
If
descendant
is not an
or
area
element with an
href
attribute, then
continue
If
descendant
is not
being rendered
or is part of
skipped contents
, then
continue
Such links, though present in
document
, aren't available for the
user to interact with, and thus are unlikely to be good candidates. In addition, they might
not have their style or layout computed, which might make selector matching less efficient in
user agents which skip some or all of that work for these elements.
If
descendant
's
url
is null, or
its
scheme
is not an
HTTP(S) scheme
, then
continue
If
predicate
matches
descendant
, then
append
descendant
to
links
Return
links
document rule predicate
predicate
matches
an
or
area
element
el
if the following steps return true, switching on
predicate
's type:
document rule conjunction
For each
clause
of
predicate
's
clauses
If
clause
does not
match
el
, then return false.
Return true.
document rule disjunction
For each
clause
of
predicate
's
clauses
If
clause
matches
el
then return true.
Return false.
document rule negation
If
predicate
's
clause
matches
el
, then return false.
Return true.
document rule URL pattern predicate
For each
pattern
of
predicate
's
patterns
If performing a
match
given
pattern
and
el
's
url
gives a non-null value,
then return true.
Return false.
document rule selector predicate
For each
selector
of
predicate
's
selectors
If performing a
match
given
selector
and
el
with the
scoping root
set to
el
's
root
returns success, then return true.
Return false.
Speculation rules features use the
speculation rules task source
, which is a
task source
Because speculative loading is generally less important than processing tasks for
the purpose of the current document, implementations might give
tasks
enqueued here an especially low priority.
7.6.2
Navigational prefetching
For now, the navigational prefetching process is defined in the
Prefetch
specification. Moving it into this standard is tracked in
issue #11123
[PREFETCH]
This standard refers to the following concepts defined there:
prefetch
record
, and its items
source
URL
No-Vary-Search
hint
referrer
policy
anonymization
policy
tags
and
state
cancel
and discard
still
being speculated
prefetch
records
start
a referrer-initiated navigational prefetch
7.6.3
The `
Speculation-Rules
` header
The `
Speculation-Rules
` HTTP response header allows the
developer to request that the user agent fetch and apply a given
speculation rule set
to the current
Document
. It is a
structured
header
whose value must be a
list
of
strings
that are all
valid URL strings
To
process the `
Speculation-Rules
` header
given a
Document
document
and a
response
response
Let
parsedList
be the result of
getting a structured field value
given `
Speculation-Rules
` and "
list
" from
response
's
header list
If
parsedList
is null, then return.
For each
item
of
parsedList
If
item
is not a
string
, then
continue
Let
url
be the result of
URL parsing
item
with
document
's
document base URL
If
url
is failure, then
continue
In parallel
Optionally, wait for an
implementation-defined
amount of time.
This allows the implementation to prioritize other work ahead of loading
speculation rules, as especially during
Document
creation and header
processing, there are often many more important things going on.
Queue a global task
on the
speculation rules task source
given
document
's
relevant global object
to perform the following
steps:
Let
request
be a new
request
whose
URL
is
url
destination
is "
speculationrules
", and
mode
is
cors
".
Fetch
request
with the following
processResponseConsumeBody
steps given
response
response
and null, failure, or a
byte sequence
bodyBytes
If
bodyBytes
is null or failure, then abort these steps.
If
response
's
status
is
not an
ok status
, then abort these steps.
If the result of
extracting a MIME type
from
response
's
header list
does not have an
essence
of
application/speculationrules+json
", then abort these steps.
Let
bodyText
be the result of
UTF-8
decoding
bodyBytes
Let
ruleSet
be the result of
parsing a speculation rule set string
given
bodyText
document
, and
response
's
URL
. If this throws an exception, then abort these
steps.
Append
ruleSet
to
document
's
speculation rule
sets
Consider speculative loads
for
document
7.6.4
The `
Sec-Speculation-Tags
` header
The `
Sec-Speculation-Tags
` HTTP request header specifies
the web developer-provided tags associated with the speculative navigation request. It can also be
used to distinguish speculative navigation requests from speculative subresource requests, since
Sec-Purpose
` can be sent by both categories of requests.
The header is a
structured header
whose value must
be a
list
. The list can contain either
token
or
string
values. String values represent
developer-provided tags, whereas token values represent predefined tags. As of now, the only
predefined tag is
null
, which indicates a speculative navigation request
with no developer-defined tag.
7.6.5
Security considerations
7.6.5.1
Cross-site requests
Speculative loads can be initiated by web pages to cross-site destinations. However, because
such cross-site speculative loads are always done without
credentials
, as explained
below
, ambient authority is limited to
requests that are already possible via other mechanisms on the platform.
The `
Speculation-Rules
` header can also be used to issue requests, for JSON
documents whose body will be
parsed as a
speculation rule set string
. However, they use the "
same-origin
credentials mode
, the "
cors
mode
, and responses which do not
use the
application/speculationrules+json
MIME type essence
are ignored,
so they are not useful in mounting attacks.
7.6.5.2
Injected content
Because links in a document can be selected for speculative loading via
document rule predicates
, developers need to be cautious if such links
might contain user-generated markup. For example, if the
href
of a link can be entered by one user and displayed to all
other users, a malicious user might choose a value like "
/logout
", causing
other users' browsers to automatically log out of the site when that link is speculatively loaded.
Using a
document rule selector predicate
to exclude such potentially-dangerous links,
or using a
document rule URL pattern predicate
to allowlist known-safe links, are
useful techniques in this regard.
As with all uses of the
script
element, developers need to be cautious about
inserting user-provided content into

tag could be used to break out of the
script
element
context and inject attacker-controlled markup.
The