You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Speculation Rules API should improve website UX thanks to a set of rules that a webdeveloper can write for hinting where the browser should prerender/prefetch a set of pages. experimental.clientPrerender is a step for automate what rules should be written about for every pages I navigate.
Unfortunately, it won't provide support for dealing with Content Security Policies (CSP): you need to use script-src: 'unsafe-inline' for get this to work, which nullifies the benefits of CSP.
There are a bunch of methods to write speculation rules. experimental.clientPrerender however is the least CSP compatible of all: it requires a nonce/hash ahead-of-time, along with script-src: 'inline-speculation-rules' to get this to work.
Using netlify-csp-plugin it'll become unfeasible, and Speculation-Rules HTTP header isn't a swissknife solution if you have many different pages around your site
Goals
Astro should provide a bunch of CSP APIs and/or provide some tools that would make writing CSP policies a breeze for a newcomer dev. So, in this instance, Astro would compile AOT every hash that experimental.clientPrerender would generate and pass them on script-src: 'inline-speculation-rules' per page.
Alternatively, it could inject Speculation-Rules HTTP headers with a JSON file for every page in the site (and that would be also cacheable).
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Summary
Speculation Rules API should improve website UX thanks to a set of rules that a webdeveloper can write for hinting where the browser should prerender/prefetch a set of pages.
experimental.clientPrerenderis a step for automate what rules should be written about for every pages I navigate.Unfortunately, it won't provide support for dealing with Content Security Policies (CSP): you need to use
script-src: 'unsafe-inline'for get this to work, which nullifies the benefits of CSP.Background & Motivation
https://developer.chrome.com/docs/web-platform/prerender-pages#csp
There are a bunch of methods to write speculation rules.
experimental.clientPrerenderhowever is the least CSP compatible of all: it requires a nonce/hash ahead-of-time, along withscript-src: 'inline-speculation-rules'to get this to work.Using
netlify-csp-pluginit'll become unfeasible, andSpeculation-RulesHTTP header isn't a swissknife solution if you have many different pages around your siteGoals
Astro should provide a bunch of CSP APIs and/or provide some tools that would make writing CSP policies a breeze for a newcomer dev. So, in this instance, Astro would compile AOT every hash that
experimental.clientPrerenderwould generate and pass them onscript-src: 'inline-speculation-rules'per page.Alternatively, it could inject
Speculation-RulesHTTP headers with a JSON file for every page in the site (and that would be also cacheable).Beta Was this translation helpful? Give feedback.
All reactions