Abstract

This specification defines an API that provides the current time in sub-millisecond resolution and such that it is not subject to system clock skew or adjustments.

Status of This Document

This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/.

High Resolution Time Level 2 replaces the first version of High Resolution Time [HR-TIME] and includes:

This document was published by the Web Performance Working Group as a Working Draft. This document is intended to become a W3C Recommendation. If you wish to make comments regarding this document, please send them to public-web-perf@w3.org (subscribe, archives) with [hr-time] at the start of your email's subject. All comments are welcome.

Publication as a Working Draft does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.

This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.

This document is governed by the 1 September 2015 W3C Process Document.

1. Introduction

This section is non-normative.

The ECMAScript Language specification [ECMA-262] defines the Date object as a time value representing time in milliseconds since 01 January, 1970 UTC. For most purposes, this definition of time is sufficient as these values represent time to millisecond precision for any instant that is within approximately 285,616 years from 01 January, 1970 UTC. The DOMTimeStamp is defined similarly [WebIDL].

In practice, these definitions of time are subject to both clock skew and adjustment of the system clock. The value of time may not always be monotonically increasing and subsequent values may either decrease or remain the same.

For example, the following script may log a positive number, negative number, or zero.

Example 1
var mark_start = Date.now();
runSomeApplicationTask();

if (window.console)
  window.console.log('Duration of task: ' + (Date.now() - mark_start));

For certain tasks this definition of time may not be sufficient as it does not allow for sub-millisecond resolution and is subject to system clock skew. For example,

This specification does not propose changing the behavior of Date.now() [ECMA-262] as it is genuinely useful in determining the current value of the calendar time and has a long history of usage. The DOMHighResTimeStamp type and the Performance.now method of the Performance interface resolve the issues summarized in this section by providing a monotonically increasing time value in sub-millisecond resolution.

1.1 Example

This section is non-normative.

A developer can record and report a high-resolution timeline of their application for further offline analysis.

Example 2
var task_start = performance.now();
runSomeApplicationTask();
var task_end = performance.now();

// developer provided method to upload runtime performance data
reportEventToAnalytics({
  'task': 'Some document task',
  'start_time': task_start,
  'duration': task_end - task_start
});

2. Conformance

As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.

The key words MUST and SHOULD are to be interpreted as described in [RFC2119].

Some conformance requirements are phrased as requirements on attributes, methods or objects. Such requirements are to be interpreted as requirements on user agents.

The IDL fragments in this specification must be interpreted as required for conforming IDL fragments, as described in the Web IDL specification. [ WebIDL]

3. Time Origin

The time origin is the time value from which time is measured:

4. The DOMHighResTimeStamp Type

The DOMHighResTimeStamp type is used to store a time value measured relative from the time origin or a time value that represents a duration between two DOMHighResTimeStamps.

typedef double DOMHighResTimeStamp;

A DOMHighResTimeStamp SHOULD represent a time in milliseconds accurate to 5 microseconds - see 8. Privacy and Security.

Note

If the User Agent is unable to provide a time value accurate to 5 microseconds due to hardware or software constraints, the User Agent can represent a DOMHighResTimeStamp as a time in milliseconds accurate to a millisecond.

5. The Performance interface

[Exposed=(Window,Worker)]
interface Performance : EventTarget {
    DOMHighResTimeStamp now();
    serializer = {attribute};
};

The now() method MUST return a DOMHighResTimeStamp representing the time in milliseconds from the time origin to the occurrence of the call to the Performance.now method.

6. The performance attribute

The GlobalPerformance.performance attribute allows access to performance related attributes and methods from the global object.

[NoInterfaceObject,
 Exposed=(Window,Worker)]
interface GlobalPerformance {
    [Replaceable]
    readonly attribute Performance performance;
};

Window implements GlobalPerformance;

WorkerGlobalScope implements GlobalPerformance;

7. Monotonic Clock

The time values returned when calling the Performance.now method on Performance objects with the same time origin MUST be monotonically increasing and not subject to system clock adjustments or system clock skew. The difference between any two chronologically recorded time values returned from the Performance.now method MUST never be negative if the two time values have the same time origin.

8. Privacy and Security

Access to accurate timing information, both for measurement and scheduling purposes, is a common requirement for many applications. For example, coordinating animations, sound, and other activity on the page requires access to high-resolution time to provide a good user experience. Similarly, measurement enables developers to track the performance of critical code components, detect regressions, and so on.

However, access to the same accurate timing information can sometimes be also used for malicious purposes by an attacker to guess and infer data that they can't see or access otherwise. For example, cache attacks and statistical fingerprinting is a privacy and security concern where a malicious web site may use high resolution timing data of various browser or application-initiated operations to differentiate between subset of users, and in some cases identify a particular user - see [ CACHE-ATTACKS].

This specification defines an API that provides sub-millisecond time resolution, which is more accurate than the previously available millisecond resolution exposed by DOMTimeStamp. However, even without this new API an attacker may be able to obtain high-resolution estimates through repeat execution and statistical analysis. To ensure that the new API does not significantly improve the accuracy or speed of such attacks, the recommended minimum resolution of the Performance interface should be set to 5 microseconds.

Mitigating such timing side channel attacks entirely is practically not possible: either all operations would have to execute in a time that does not vary based on the value of any confidential information, or, the application would need to be isolated from any time-related primitives (clock, timers, counters, etc). Neither is practical due to the associated complexity for the browser and application developers and the associated negative effects on performance and responsiveness of applications.

A. Acknowledgments

The editors would like to thank the following people for contributing to this specification: Karen Anderson, Nat Duca, Tony Gentilcore, Arvind Jain, Jason Weber, Boris Zbarsky, Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan, and Angelos D. Keromytis to acknowledge their contributions to this work.

B. References

B.1 Normative references

[HTML51]
Steve Faulkner; Arron Eicholz; Travis Leithead; Alex Danilo. W3C. HTML 5.1. 15 September 2016. W3C Proposed Recommendation. URL: https://www.w3.org/TR/html51/
[RFC2119]
S. Bradner. IETF. Key words for use in RFCs to Indicate Requirement Levels. March 1997. Best Current Practice. URL: https://tools.ietf.org/html/rfc2119
[SERVICE-WORKERS]
Alex Russell; Jungkee Song; Jake Archibald. W3C. Service Workers. 25 June 2015. W3C Working Draft. URL: https://www.w3.org/TR/service-workers/
[WORKERS]
Ian Hickson. W3C. Web Workers. 24 September 2015. W3C Working Draft. URL: https://www.w3.org/TR/workers/
[WebIDL]
Cameron McCormack; Boris Zbarsky. W3C. WebIDL Level 1. 15 September 2016. W3C Proposed Recommendation. URL: https://www.w3.org/TR/WebIDL-1/

B.2 Informative references

[CACHE-ATTACKS]
Yossef Oren; Vasileios P. Kemerlis; Simha Sethumadhavan; Angelos D. Keromytis. The Spy in the Sandbox - Practical Cache Attacks in Javascript. March 2015. URL: http://arxiv.org/abs/1502.07373
[ECMA-262]
Ecma International. ECMAScript Language Specification. URL: https://tc39.github.io/ecma262/
[HR-TIME]
Jatinder Mann. W3C. High Resolution Time. 17 December 2012. W3C Recommendation. URL: https://www.w3.org/TR/hr-time/