To support variable fonts, color vector fonts, responsive images, and other third-party content which requires client information lost by the user agent reduction implementation we need a way to extend client hints. For example: variable fonts allow significantly less font information to be transferred without loss of functionality, but only works on specific operating systems.

Motivation

It’s already possible to set a Permissions Policy in the HTTP response header, but for sites without the ability to modify HTTP headers a HTML solution would be ideal. This proposal prototypes a metadata meta tag which allows delegation of client hints to third-party origins. These tags could be included in code-snippets for embedded third-party content for ease of use. For example, to specify third party requests to `https://foo.bar` must include `sec-ch-width` you could include: <meta name="accept-ch" content="sec-ch-width=('self' 'https://foo.bar')"> You may still omit the permission policy and rely on the default allowlist as follows: <meta name="accept-ch" content="sec-ch-width"> Note that this is the equivalent of the following today: <meta http-equiv="accept-ch" content="sec-ch-width">

Specification

Specification link


Specification being incubated in a Community Group

Status in Chromium

Privacy>Fingerprinting


Proposed (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No signal
  • No signal
  • No signal
  • Positive

Owners

Last updated on 2021-09-08