[w3c/ServiceWorker] what happens if an initial about:blank inherits a controller, but its navigation request does not match any service worker? (#1232) from Ben Kelly on 2017-11-22 (public-webapps-github@w3.org from November 2017)

From: Ben Kelly <notifications@github.com>
Date: Wed, 22 Nov 2017 01:27:55 +0000 (UTC)
To: w3c/ServiceWorker <ServiceWorker@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/ServiceWorker/issues/1232@github.com>

Consider the following situation.

```
// -------
// foo.com/scope1/index.html
<iframe id="child" srv="/scope2/index.html"></iframe>
<script>
// controlled by a service worker with scope foo.com/scope1
assert(!!navigator.serviceWorker.controller)

let frame = document.getElementById('child');

// twiddle a value on the global
frame.contentWindow.foo = 'bar';

// the initial about:blank should inherit the controller
assert(frame.contentWindow.navigator.serviceWorker.scriptURL ===
navigator.serviceWorker.controller.scriptURL);

// -----------
// foo.com/scope2/index.html
// no service worker controlling this scope

// does this log "bar" as we would normally expect after sharing the about:blank global?
console.log(self.foo);

// does this log null or undefined as it normally would if the page was loaded without a parent
console.log(navigator.serviceWorker.controller);
</script>
```

This situation normally requires replacing the about:blank document with the final document so the global is shared. You can see this with the `foo` global being passed through the load.

We also agreed to inherit the service worker to initial about:blank windows, though.

When the final load is not under a controlled scope, but the initial about:blank was controlled via parent inheritance, what should the final `navigator.serviceWorker.controller` be?

The natural answer is "clear the controller" if the final load does not make a scope. This is somewhat unprecedented, though. Nowhere else in the system do we allow a client to go from controlled to uncontrolled. There is no event or anything that this is happening. We would also have to deal with the page stashing the controller reference in another global, etc.

I'd like to suggest that we require a new global to be created in this situation. If the initial about:blank is controlled, but the final load should not be controlled, then we don't do the document replacement. Instead we treat it similar to other cases (cross-origin, etc) where a new global is created.

@jakearchibald @jungkees @annevk What do you think?

--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/ServiceWorker/issues/1232

Received on Wednesday, 22 November 2017 01:28:19 UTC