Skip to content

Implement parser-safe SSAT late binding#872

Open
ChristianPavilonis wants to merge 1 commit into
refactor/cache-headersfrom
refactor/ssat-streaming
Open

Implement parser-safe SSAT late binding#872
ChristianPavilonis wants to merge 1 commit into
refactor/cache-headersfrom
refactor/ssat-streaming

Conversation

@ChristianPavilonis

Copy link
Copy Markdown
Collaborator

Summary

  • Implements parser-safe SSAT bid late binding using a lol_html-inserted opaque placeholder instead of raw </body byte scanning.
  • Adds EOF fallback handling for malformed HTML, including a minimal executable tail when <head> and </body> are missing.
  • Keeps full-document HTML post-processors on a bounded buffered path that sees final HTML, not placeholders.

Changes

File Change
crates/trusted-server-core/src/publisher_late_binding.rs Adds per-request bid placeholders, insertion tracking, and a streaming placeholder late binder with split-chunk detection, duplicate stripping, and held-tail cap enforcement.
crates/trusted-server-core/src/html_processor.rs Adds bid injection modes, post-processing mode controls, reusable head bootstrap/post-processor helpers, and placeholder insertion from parser-confirmed body end tags.
crates/trusted-server-core/src/publisher.rs Replaces raw body-close scanning with parser-safe late binding, EOF fallback, buffered post-processor late binding, cap enforcement, and auction collect/abandon handling.
crates/trusted-server-core/src/lib.rs Exports the late-binding module.
crates/trusted-server-core/benches/html_processor_bench.rs Updates benchmark config for the new HTML processor fields.
docs/superpowers/specs/2026-07-08-ssat-publisher-streaming-parser-safe-design.md Adds the parser-safe SSAT streaming design spec.
docs/superpowers/plans/2026-07-08-ssat-publisher-streaming-parser-safe-implementation-plan.md Adds the implementation plan for the design.

Closes

Closes #857

Test plan

  • cargo test-fastly && cargo test-axum
  • cargo clippy-fastly && cargo clippy-axum
  • cargo fmt --all -- --check
  • JS tests: cd crates/trusted-server-js/lib && npx vitest run
  • JS format: cd crates/trusted-server-js/lib && npm run format
  • Docs format: cd docs && npm run format
  • WASM build: cargo build --package trusted-server-adapter-fastly --release --target wasm32-wasip1
  • Manual testing via fastly compute serve
  • Other: cargo test-cloudflare && cargo clippy-cloudflare

Checklist

  • Changes follow CLAUDE.md conventions
  • No unwrap() in production code — use expect("should ...")
  • Uses tracing macros (not println!)
  • New code has tests
  • No secrets or credentials committed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant