To support content negotiation use cases such as differential serving of variable fonts, color vector fonts, responsive images, and other third-party content which requires client information lost by user agent reduction. For example: variable fonts allow significantly less font information to be transferred without loss of functionality, but only works on specific operating systems.

Motivation

It’s already possible to set a Permissions Policy in the HTTP response header, but for sites without the ability to modify HTTP headers a HTML solution would be ideal. This proposal ships a meta tag which allows delegation of client hints to third-party origins. These tags could be included in code-snippets for embedded third-party content for ease of use. For example, to specify third party requests to `https://foo.bar` must include `sec-ch-width` you could include: <meta name="accept-ch" content="sec-ch-width=( https://foo.bar )"> You may still omit the permission policy and rely on the default allowlist as follows: <meta name="accept-ch" content="sec-ch-width"> Note that this is the equivalent of the following today: <meta http-equiv="accept-ch" content="sec-ch-width">

Specification

Specification link


Specification being incubated in a Community Group

Status in Chromium

Privacy>Fingerprinting


Proposed (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Owners

Intent to Prototype url

Intent to Prototype thread

Last updated on 2022-01-19