W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2014

Service workers, dedicated workers, and the environment settings object

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 24 Oct 2014 13:09:56 +0200
Message-ID: <CADnb78gBO1wOjJwE-LKo4-mOFyJpdSwRr56pdb6GuFzemLRX+g@mail.gmail.com>
To: WebAppSec WG <public-webappsec@w3.org>
Cc: Ian Hickson <ian@hixie.ch>, Mike West <mkwst@google.com>, Alex Russell <slightlyoff@google.com>, Jake Archibald <jaffathecake@gmail.com>, Jungkee Song <jungkees@gmail.com>
The term environment below is something with its own global object: a
dedicated worker, a browsing context's Window object, a shared worker,
and a service worker.

An environment has an environment settings object (defined by HTML). I
expect us to store the CSP policy on the environment settings object.

A dedicated worker has a simple message channel with an environment.
Its API does not support association with multiple environments by
design. A dedicated worker also has its own CSP policy and a unique
Referer.

Since you cannot message to a dedicated worker from anything but the
environment that created it, from a service worker's perspective it
would make sense to not treat it as a "client", but instead expose the
environment settings object of the environment the dedicated worker
was created in. (A service worker exposes these "clients" as one end
of a message channel plus appropriate metadata, depending on the
environment of the "client".)

CSP policy, Referer, and Mixed Content depend on an environment's
environment settings object. From a Fetch perspective, we therefore
want a dedicated worker's environment settings object.

Given these constraints, here are some options:

1a) We treat a dedicated worker as a "client" anyway, but you cannot
communicate with it. Perhaps we expose a property so you can get hold
of the "client" that owns the dedicated worker so you can message with
that instead.

1b) Like a, but we figure out a way to let service workers communicate
with a dedicated worker.

2) We change dedicated workers so they have knowledge of the
environment that created them. We store that on the environment
settings object. Fetch then deals with giving everyone the environment
settings object they want.

Unless we do 1b, it seems we cannot get away with exposing the creator
of a dedicated worker. Both 1a) and 2) seem reasonable at that point.

Thoughts?


-- 
https://annevankesteren.nl/
Received on Friday, 24 October 2014 11:10:24 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC