We currently use a GET request with query params for all the other data (id, version, installsource, etc.). In the long run we want to change to using the common updater code which I believe uses POST requests, and should give us these headers for free (if/when they are implemented there). 

It would be pretty easy to add to the current extension updater code though if we want this in the short term. Assuming we do, would we still want this implemented as HTTP headers? Are all 3 headers necessary (even if the X-GoogleUpdate-AppId duplicates information that's already in the query params)?

Antony, can you reassign this feature request?

> X-GoogleUpdate-AppId: oimompecagnajdejgnnjijobebaeigek[,...]
> A comma-separated list of all the appids in the request.

This is about 90% of the request itself (which really only includes extension id and extension version, IIRC).  What's the motivation for including it in the header?

This issue seems to be missing the original motivation that led to its filing: "If the user hits Update Extensions Now" on chrome://extensions/, we want that not to throttle the update process. 

For this scenario, the extension update request type (X-GoogleUpdate-Interactivity) would be "fg", and the server will try its best to not throttle the update process.

> This is about 90% of the request itself (which really only includes
> extension id and extension version, IIRC).  What's the motivation for
> including it in the header?
The motivation here is to allow a setting up rule to avoid DOS attack on the auto update server before a request reaches it.

FWIW The rules can be set on the request line as well, so for GET update checks the trade-off is having a uniform solution with POST and other Omaha clients versus the increase in the request size.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b764761949ea8376c93fb682ca51a29852e6f39f

commit b764761949ea8376c93fb682ca51a29852e6f39f
Author: mxnguyen <mxnguyen@chromium.org>
Date: Mon Apr 03 17:54:14 2017

Send traffic-management headers from extension updater.

This change will allow Omaha to mitigate DoS and prioritize traffic better.

BUG= 647516 

Review-Url: https://codereview.chromium.org/2768573002
Cr-Commit-Position: refs/heads/master@{#461466}

[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/chrome/browser/chromeos/extensions/external_cache.cc
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/chrome/browser/extensions/api/developer_private/developer_private_api.cc
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/chrome/browser/extensions/updater/extension_updater.cc
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/chrome/browser/extensions/updater/extension_updater.h
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/chrome/browser/extensions/updater/extension_updater_unittest.cc
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/components/update_client/BUILD.gn
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/components/update_client/DEPS
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/components/update_client/update_query_params.cc
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/components/update_client/update_query_params.h
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/components/update_client/update_query_params_unittest.cc
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/extensions/browser/updater/extension_downloader.cc
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/extensions/browser/updater/extension_downloader.h
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/extensions/browser/updater/manifest_fetch_data.cc
[modify] https://crrev.com/b764761949ea8376c93fb682ca51a29852e6f39f/extensions/browser/updater/manifest_fetch_data.h

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/70dab6f4ff7ddadd4b1da803bfb0baf93a8f0512

commit 70dab6f4ff7ddadd4b1da803bfb0baf93a8f0512
Author: rdevlin.cronin <rdevlin.cronin@chromium.org>
Date: Wed Apr 19 18:05:25 2017

[Extensions] Only add traffic management headers for webstore updates

Instead of adding traffic management headers for all update pings, only
include them for pings sent to the webstore.

BUG= 647516 

Review-Url: https://codereview.chromium.org/2823923002
Cr-Commit-Position: refs/heads/master@{#465668}

[modify] https://crrev.com/70dab6f4ff7ddadd4b1da803bfb0baf93a8f0512/chrome/browser/extensions/updater/extension_updater_unittest.cc
[modify] https://crrev.com/70dab6f4ff7ddadd4b1da803bfb0baf93a8f0512/extensions/browser/updater/extension_downloader.cc

The header names have been changed, we need to make a string substitution to update them:

X-GoogleUpdate-Interactivity -> X-Goog-Update-Interactivity
X-GoogleUpdate-AppId         -> X-Goog-Update-AppId
X-GoogleUpdate-Updater       -> X-Goog-Update-Updater

Minh's been in the area lately; Minh, do you want to add this to your queue?

I'll make a change in the extension updater.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f334ee7bfbed26779563e88d1e5128f8bc632d50

commit f334ee7bfbed26779563e88d1e5128f8bc632d50
Author: Sorin Jianu <sorin@chromium.org>
Date: Tue Mar 13 17:00:54 2018

Rename interactivity headers in the extensions updater.

The header names have been changed, we need to make a string substitution t
o update them:

X-GoogleUpdate-Interactivity -> X-Goog-Update-Interactivity
X-GoogleUpdate-AppId         -> X-Goog-Update-AppId
X-GoogleUpdate-Updater       -> X-Goog-Update-Updater


Bug:  647516 
Change-Id: I147ca276837ece5e9e8c28aa3a871b5ac5cae3b5
Reviewed-on: https://chromium-review.googlesource.com/959555
Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
Commit-Queue: Sorin Jianu <sorin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#542829}
[modify] https://crrev.com/f334ee7bfbed26779563e88d1e5128f8bc632d50/extensions/browser/updater/extension_downloader.cc