Re: [ServiceWorker] self.caches should spec what to do for "untrusted" origins (#687) from Joshua Bell on 2015-04-24 (public-webapps-github@w3.org from April 2015)

From: Joshua Bell <notifications@github.com>
Date: Fri, 24 Apr 2015 13:28:18 -0700
To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Message-ID: <slightlyoff/ServiceWorker/issues/687/96055203@github.com>

FWIW, in Chrome we still expose the globals, but `self.caches` throws a `SecurityError` on access with details about why the access was denied. This is consistent with what we do for  `window.sessionStorage`, `window.localStorage`.

For Indexed DB we instead throw on access to the `open()`/`deleteDatabase()` methods hanging off the `indexedDB` global.


---
Reply to this email directly or view it on GitHub:
https://github.com/slightlyoff/ServiceWorker/issues/687#issuecomment-96055203

Received on Friday, 24 April 2015 20:28:46 UTC