Re: [ServiceWorker] Should window.caches be removed (or readonly) for security reasons? (#698)

> I don't think any solution that applies only to caches makes sense. It should apply to all types of storage uniformly.

While I agree that the problem exists for all storage types, it seems unrealistic to solve it for existing APIs without breaking existing applications. At the same time it does not seem like a good idea to introduce new APIs with the same problem.

>> Although this is possible with idb and localstorage, it's much more likely with caches.

> This seems false.

Can you elaborate on why this seems false to you?
To me, the combination of service workers' ability to intercept fetch events and a general-purpose cache API makes attacks on these APIs very likely. Therefore, security issues must be considered very carefully.


---
Reply to this email directly or view it on GitHub:
https://github.com/slightlyoff/ServiceWorker/issues/698#issuecomment-106482749

Received on Thursday, 28 May 2015 16:50:26 UTC