Re: [ServiceWorker] Make secure context requirements more explicit (#754) from Marijn Kruisselbrink on 2015-10-05 (public-webapps-github@w3.org from October 2015)

From: Marijn Kruisselbrink <notifications@github.com>
Date: Mon, 05 Oct 2015 16:25:52 -0700
To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Message-ID: <slightlyoff/ServiceWorker/issues/754/145697101@github.com>

Yes, this was raised because 1) the current spec doesn't specify what should and shouldn't be available to a potential client in an insecure context (I agree that probably nothing should be available there, to be least surprising, and avoid the trivial postMessage wrapper), and 2) the current spec doesn't specify what should happen if an insecure context tries to access any of the API.

I assume for 2) that controller always returns undefined, ready returns a promise that always rejects, and all the methods also return promises that always reject? Although for ready the spec says that it will never reject, so maybe in this case it should also just return a promise that never resolves nor rejects?

---
Reply to this email directly or view it on GitHub:
https://github.com/slightlyoff/ServiceWorker/issues/754#issuecomment-145697101

Received on Monday, 5 October 2015 23:26:24 UTC