- From: Marijn Kruisselbrink <notifications@github.com>
- Date: Mon, 08 Feb 2016 13:09:36 -0800
- To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Received on Monday, 8 February 2016 21:10:21 UTC
Okay, I changed it to move the origin checks to be done before a job is created. Also made the link element processing more in line with how other specs process link elements. One thing I was wondering is if processing of a Link: header should somehow make sure that the response on which the header is set is the response to a request that originated in a secure context. I think having such a check would make sense, but specifying it is slightly tricky since the whole Link: header processing isn't very precisely defined currently. Ideally there would just be a step somewhere in the fetch spec where Link: headers are processed, at which point the algorithm would have access to the client associated with the request. Maybe currently it's enough to be hand-wavy about where such a client might come from. --- Reply to this email directly or view it on GitHub: https://github.com/slightlyoff/ServiceWorker/pull/828#issuecomment-181542565
Received on Monday, 8 February 2016 21:10:21 UTC