►
Description
High-level overview of the refactoring Implemented in Chrome's source code to define a dedicated component for the Custom Handlers logic. Thanks to this refactoring, we have improved the support for Chrome embedders to implement their own pre-defined Custom Handlers for the schemes they consider strategic. Patching Chrome to add a pre-defined Custom Handler to manage IPFS schemes is now trivial, reducing considerably the efforts of embedders to deal with rebases in order to sync with Chrome upstream.
A
We
had
the
long-term
goal
of
of
making
available
for
browsers
to
have
native
support
of
ipfs
protocol,
but
in
the
winter
we
would
like
to
improve
the
situation
so
that
the
ipfs
network
is
a
flexible
using
the
gateways.
That's
that's
the
the
short-term
goal
done
and
what
we
have
been
working
on
in
these
years.
We
really
believe
that
all
the
work
we
are
doing
benefits
not
only
the
ipfs
community
but
the
world,
the
web
platform
Community
as
a
whole.
A
We
started
the
the
collaboration
in
2020
and
the
first
years
we
have
provided
to
the
web
platform
important
improvements
in
different
browsers
about
the
security
in
the
area
of
the
security,
secure
context,
also
localhost
and
loopback
networking
and,
of
course,
web
extensions.
We
improve
the
situation.
The
ipfs
companion
extension
is
really
useful
for
the
community
and
and
we
have
fixed
several
bugs
there.
A
The
HTML
API
is
pretty
simple,
with
just
the
scheme
and
the
Handler,
but
it
requires
some
some
restrictions
either
the
scheme
is
prefixed
with
the
web
Plus
or
be
in
the
HTML
safe
list.
Also,
the
handlers
must
be
of
the
same
origin
than
the
registration
page,
and
also
that's
important
limitation
requires
confirmation
from
the
end
users
to
authorize
the
registration.
A
So,
let's
talk
about
now
this
new
component,
that
is
part
now
of
the
chromium
chord
base.
Why
a
new
component?
Well,
the
main
issue
that
we
wanted
to
solve
is
to
allow
column
embedders
to
share
all
the
custom,
hundreds
logic
that
was
before
part
of
the
Chrome
specific
bits,
other
advantages
to
avoid
code,
duplication
of
the
security
and
privacy
logic
that
is
run
by
both
the
render
and
browser
processes
and
also
improve
the
web
plan
for
test
coverage,
including
test
automation.
That's
still
a
goal,
but
we
are
close
as
a
secondary
goal
as
well.
A
A
There
is
still
a
two
classes
that
are
important
that
remain
in
Chrome,
as
the
Chrome
delegate,
that
provides
the
integration
with
the
operating
system
and
Invaders
can
provide
their
own
delegate
depending
on
the
operating
system.
They
want
to
to
run,
and
then
the
factory,
which
is
what
creates
an
appropriate
instance
of
the
delegate,
and
it
also
provides
some
crime.
Specific
logic
like
encountered.
The
mode
and
this
kind
of
profile
management.
A
A
A
So
we
get
that
idea
and
yeah.
First
of
all,
a
bit
of
a
Content.
That
is
the
very
important
which
is
the
scheme
registry,
which
is
where
all
these
schemes
that
the
browser
now
are
declared
there
is.
There
are
different
lists
of
schemes
and
the
browser
can
Implement
different
behaviors
for
each
list.
You
can
have
a
secure
schemes
list
and
knowing
that
is
a
secure
scheme,
you
can
Implement
different
Behavior.
A
I
have
a
simple
demo
this
this
the
two
lines,
the
only
two
lines
that
you
have
to
add
just
to
make
Chrome
and
use
the
the
HTTP
big
headways
for
any
ipfs
URL,
that
is,
in
the
top
level
navigation,
I
mean
or
even
link
to
clicks
yeah.
Since
the
since
the
browser
doesn't
understand
the
scheme,
there
is
no
extension
there.
There
is
no
protocol
Handler,
so
the
browser
just
open,
Google,
search
and
search
for
for
the
term.
So
now
I'm
going
to
apply
a
simple
patch
and
we
compile
Chrome
again
with
this
small
change.
A
A
So
there
are
several
things
that
could
improve
this.
We
could
perhaps
in
Landis
behind
experimental
flag
a
runtime
flag
that
the
end
user
can
activate
on
demand,
or
there
are
different
ways
that
we
can
do
this,
but
yeah
I
think
these
are
a
good
start,
and
then
we
need
to
discuss
this
with
the
chromium
Community
to
see
if
this
is
useful
or
not
for
for
the
whole,
and
this
is
also
available
for
any
other
scheme,
not
just
ibfs.
So
so
why
why
people
Define
hundreds?
A
A
Of
course
there
should
be
if
this
is
a
feature
that
is
shipped
by
default.
We
should
warn
the
user
that
this
is
going
to
happen
so,
for
instance,
the
first
time
the
user
clicks,
an
ipfs
link
is
going
to
be
and
warn
about
a
Handler
is
going
to
be
to
to
radiate
the
request
to
a
HTTP
Gateway.
So
the
user
is
aware
of
this,
but
also,
and
also
another
Advantage,
is
that
we
can
bypass
some
of
the
restrictions
imposed
by
the
HTML
API.
A
A
Also,
we
come
by
bypass
the
100
URL
syntax
that
requires
the
person
code
there.
So
we
we
can
add
there
whatever
we
want
for
the
Handler
that
could
allow
to
implement
smarter
hundreds,
but
the
custom,
Hardware
validation
still
applies.
What
what
does
this
means?
The
schemes
should
be
https
or
extension
schemes.
A
A
What's
next
I
mean
we
will
continue
working
on
this
for
for
the
next
years,
and
one
of
the
the
important
areas
we
were
still
working
on
is
the
unification
of
the
secure
context
concept.
This
is
a
fundamental
concept
for
the
custom
handlers
logic
and
there
are
less.
There
are
still
inconsistencies
in
the
implementation
between
the
render
and
browser
processes.
So
we
will
plan
to
to
continue
working
on
that
testing.
Automation,
as
I
said,
one
of
the
advantage
or
of
the
refactoring
we
made
is
that
now
we
can
run
the
web
for
test
with
the
content.
A
Shell,
the
content,
shell,
is
a
minimum
browser
that
is
part
of
the
chromium
color
base.
This
contentual
is
what
the
chromium
infrastructure
Bots
use
for
the
continuous
integration
so
having
support
for
protocol
Hunters.
There
give
us
some
some
good
method
about
regressions
and
but
the
the
tests
that
are
available
in
the
web
platform
test
infrastator
are
manual.
A
Why?
Because,
as
I
said,
the
resistor
protocol
Hunter
requires
user
interaction
and
the
and
the
browser
ignores
any
request
that
is
not
activated
with
a
transient
transient
user
activation.
That
means
a
click,
an
active
element.
There
is
an
API
in
the
WPD
infrastructure
to
bypass
this,
but
we
still
need
the
user
authorization.
We
need
some
kind
of
thing
to
automate
the
permission
to
Grant
the
permissions
for
that
we
are
exploring
a
new
web
driver
command.
A
Yes,
I
say
this
would
allow
us
to
change
all
the
tests
that
are
now
manually
to
automatic
tests
that
are
run
not
only
by
the
chromium
infrastructure,
but
the
web
platform
test
infrastructive
tool
which
are
which
is
cross
browser.
So
we
can
detect
regressions
in
Firefox
in
Chrome,
based
browsers,
like
Edge
or
or
Opera,
but
also
Safari
If.
Eventually
they
implement
the
the
API,
but
yeah
I
think
that's
important
because
ensures
that
we
we
apply
change
in
a
correct
way,
yeah
that
that
I
I.
A
This
is
an
example
of
how
challenging
is
this
process
of
standardization.
We
need
to
provide
a
PR
for
the
HTTP
spec,
because
the
Webdriver
command
is
used
by
this
spec
and
we
need
to
provide
new
tests
and
request
for
commands,
because
we
change
the
infrastructure
of
the
WPT
infraction
tool.
Then
there
is
the
Chrome
intent
and
we
need
to
also
ask
the
other
browsers
for
opinion,
because
if
we
want
this
to
be
a
standard,
it
must
be
approved
by
at
least
three
major
browsers.
A
A
Unfortunately,
Chrome
accepted
a
change
to
consider
ipfs
safe,
so
at
least
in
Chrome.
We
don't
have
to
worry
about
that,
but
in
other
browsers,
for
instance,
Firefox
you,
you
are
forced
to
use
the
prefix
one
of
the
reasons
why
they
still
are
not
sure
about.
That
is
that
yeah,
the
operating
system
relies
on
URLs
for
applications
as
well,
and
they
don't
want
to
hijack
that
functionality
for
for
the
web,
and
also
there
is
another
clear
definition
of
when
a
scheme
is
safe,
but
yeah.
A
We
managed
to
Pro
together
a
specific
list
of
milestones
and
we
will.
We
will
get
there
eventually,
and
this
is
another
another
idea
that
we
are
exploring.
The
ipfs
protocol
Handler
allows
us
to
understand
IP
or
access
the
ipfs
network,
but
only
in
the
top
level
navigation
on
when
you
click
links.
But
what
happened
with
the
other
resources
that
web
has,
for
instance,
what
about
the
style
sheets?
What
about
scripts?
What
about
the
other
things
that
aside
can
have
it
really?
A
All
of
all
those
resources
should
be
retrieved
using
ibfs,
so
register
protocol
hunger.
So
far,
the
HTML
is
not
enough.
It
doesn't
doesn't
work
like
that,
so
the
several
sources
Integrity,
is
a
specification
that
once
we
wanted
to
ensure
that
what
you
get,
what
you
ask
is
the
is
the
specific
content.
A
So
the
idea
is
to
use
that
pattern
or
of
what,
instead
of
where
to
retrieve
the
or
indicate
that
we
want
to
retrieve
the
content
using
ipfs,
so
the
Integrity
attribute
would
be
not
only
for
integrity
but
also
for
access
yeah
and
finally,
the
last
thing
we
were
working
on
not
not
related
to
to
to
brother
100,
but
but
also
a
benefit
for
the
web
transfer
is
the
web
key
to
API
improvements
to
add
safe
curves.
We
are
working
on
adding
the
AdWords
25,
5,
19.
A
and
and
the
key
agreement.
Algorithms,
we
are
ongoing.
The
implementation
has
a
start
and
is,
is
ongoing
in
Chrome,
and
we
have
got
some
positive
signals
from
from
Safari
on
Firefox,
so
yeah.
We
are
confident
that
this
will
be
one
of
the
achievements
of
the
next
year
and
yeah.
Thank
you.
Sorry
for
the
long
talk.