WICG
Consider limiting the number of sources a reporting origin can register per initiated navigation
Because the API supports source registrations on both background attribution redirects, and foreground navigation redirects, a single reporting origin can potentially register many navigation sources in response to a single initiated navigation.
To clarify, there are two axes on which the same reporting origin can register multiple navigation sources from the same navigation:
- Background and foreground chains
- Redirects within either a background or foreground chain
Restricting either axis would be a breaking change.
To clarify, there are two axes on which the same reporting origin can register multiple navigation sources from the same navigation:
- Background and foreground chains
- Redirects within either a background or foreground chain
Restricting either axis would be a breaking change.
Also, fenced frame beacons can also registration ARA from navigation.
Another complication is that a single user activation can call window.open multiple times, which technically correspond to multiple navigations.
Another complication is that a single user activation can call
window.openmultiple times, which technically correspond to multiple navigations.
I was wrong about this. Per MDN:
Modern browsers have strict popup blocker policies. Popup windows must be opened in direct response to user input, and a separate user gesture event is required for each Window.open() call.
Would excess registrations here be rejected or downgraded to event sources? Perhaps there's an argument for allowing the reporting origin to configure this.