From b2233a07bdd429143273f594943cc4a772362393 Mon Sep 17 00:00:00 2001 From: Issack John Date: Fri, 14 Jun 2024 14:08:40 -0700 Subject: [PATCH 1/4] add source Modules field --- CrashReporting/AddStackToCrashReports.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/CrashReporting/AddStackToCrashReports.md b/CrashReporting/AddStackToCrashReports.md index 1bba40b3..c1fbdd62 100644 --- a/CrashReporting/AddStackToCrashReports.md +++ b/CrashReporting/AddStackToCrashReports.md @@ -28,10 +28,19 @@ Web sites can contain bugs or inefficiencies that cause the page or an iframe wi ## Proposal -If a site opts in, crash reports uploaded by the Crash Reporting API may include the JavaScript call stack, in a new property on `CrashReportBody`: +If a site opts in, crash reports uploaded by the Crash Reporting API may include the JavaScript call stack and script hashes, in new properties on `CrashReportBody`: ``` readonly attribute DOMString? stack; +readonly attribute DOMString? sourceModules; +``` + +## Source Modules + +In addition to the JavaScript call stack, we propose adding a `sourceModules` field to the `CrashhReportBody`. This field will contain information about the source modules present in the call stack. Each source module will be a Source mapping URL or URL and a SHA-256 hash of the source. This will allow developers to indentify the exact version of the code that was running when the crash occured. The field may look something like this: + +``` +"https://example.com/script.js f3a2b4c5d6e7f8g9123456k3l4m5n6o7p8q9r0s1abcdefw5x6y7z8a9b0c1d2e3\n" ``` ### How to opt in? From df25369c2975e9428fce47d9a46e4ec3b90debd7 Mon Sep 17 00:00:00 2001 From: Issack John Date: Mon, 17 Jun 2024 14:39:28 -0700 Subject: [PATCH 2/4] nit --- CrashReporting/AddStackToCrashReports.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CrashReporting/AddStackToCrashReports.md b/CrashReporting/AddStackToCrashReports.md index c1fbdd62..3f199cf7 100644 --- a/CrashReporting/AddStackToCrashReports.md +++ b/CrashReporting/AddStackToCrashReports.md @@ -96,7 +96,7 @@ This adds a mechanism that could allow website owners to learn about an extensio ### Security -Just like `Error.prototype.stack`, stack frames from cross-domain scripts that were not loaded with CORS must be omitted. +Just like `Error.prototype.stack`, stack frames & script hashes from cross-domain scripts that were not loaded with CORS must be omitted. ## References & acknowledgements From 706d58a8504c4bcfc8783e8fdcfe945e4284033b Mon Sep 17 00:00:00 2001 From: Issack John Date: Mon, 17 Jun 2024 14:41:41 -0700 Subject: [PATCH 3/4] another nit --- CrashReporting/AddStackToCrashReports.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CrashReporting/AddStackToCrashReports.md b/CrashReporting/AddStackToCrashReports.md index 3f199cf7..65524626 100644 --- a/CrashReporting/AddStackToCrashReports.md +++ b/CrashReporting/AddStackToCrashReports.md @@ -88,7 +88,7 @@ Wasm stack frames will be supported. Typically the format is `${url}:wasm-functi #### Why require opt-in? -Some sites may be sending their reports to a third-party service and not wish to expose information about their site code to that third party. This feature would also increase the size of reports, add a property that existing servers might not handle correctly, and include data that users might not have consented to send. +Some sites may be sending their reports to a third-party service and not wish to expose information about their site code to that third party. This feature would also increase the size of reports, adding two propertyies that existing servers might not handle correctly, and include data that users might not have consented to send. #### Does this affect user privacy? From 4e2d85809d3f59bbcf609326de90e1d39b74cdc6 Mon Sep 17 00:00:00 2001 From: Issack John Date: Tue, 18 Jun 2024 10:05:48 -0700 Subject: [PATCH 4/4] fix typo --- CrashReporting/AddStackToCrashReports.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CrashReporting/AddStackToCrashReports.md b/CrashReporting/AddStackToCrashReports.md index 65524626..0e604873 100644 --- a/CrashReporting/AddStackToCrashReports.md +++ b/CrashReporting/AddStackToCrashReports.md @@ -88,7 +88,7 @@ Wasm stack frames will be supported. Typically the format is `${url}:wasm-functi #### Why require opt-in? -Some sites may be sending their reports to a third-party service and not wish to expose information about their site code to that third party. This feature would also increase the size of reports, adding two propertyies that existing servers might not handle correctly, and include data that users might not have consented to send. +Some sites may be sending their reports to a third-party service and not wish to expose information about their site code to that third party. This feature would also increase the size of reports, adding two properties that existing servers might not handle correctly, and include data that users might not have consented to send. #### Does this affect user privacy?