[ServiceWorker] under what conditions should sandboxed iframes be intercepted? (#648) from Ben Kelly on 2015-03-11 (public-webapps-github@w3.org from March 2015)

From: Ben Kelly <notifications@github.com>
Date: Tue, 10 Mar 2015 18:01:35 -0700
To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Message-ID: <slightlyoff/ServiceWorker/issues/648@github.com>

We've run across a question during implementation:

  Should sandboxed iframes be intercepted by the ServiceWorker?

Presumably this is only a question if the allow-same-origin exception is set on the iframe as well.  Otherwise the iframe is considered a separate origin.

Should we also require allow-scripts to be set in order for interception to occur?  It seems fetch event triggering a ServiceWorker is an implicit way to run scripts.

What does blink currently do here?

---
Reply to this email directly or view it on GitHub:
https://github.com/slightlyoff/ServiceWorker/issues/648

Received on Wednesday, 11 March 2015 01:02:01 UTC