- From: Anne van Kesteren <notifications@github.com>
- Date: Fri, 12 Dec 2014 07:00:40 -0800
- To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Received on Friday, 12 December 2014 15:01:07 UTC
For client requests related to workers this is not possible since those require same-origin responses. I guess the mode for "form" et al is "no-cors" so we do indeed have an issue of sorts there. Is anything but opaque response okay in those scenarios? E.g. if the SW passes a CORS response back the UA would need to enforce the CORS filtered response limitations otherwise you could embed something in an `<iframe>` and get more data out of it. --- Reply to this email directly or view it on GitHub: https://github.com/slightlyoff/ServiceWorker/issues/590#issuecomment-66782906
Received on Friday, 12 December 2014 15:01:07 UTC