Re: [ServiceWorker] Make secure context requirements more explicit (#754) from Jungkee Song on 2015-09-30 (public-webapps-github@w3.org from September 2015)

From: Jungkee Song <notifications@github.com>
Date: Wed, 30 Sep 2015 01:44:36 -0700
To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Message-ID: <slightlyoff/ServiceWorker/issues/754/144329370@github.com>

> https://github.com/slightlyoff/BackgroundSync/issues/90#issuecomment-142991076

This should be clarified first. When writing the [secure context section](https://slightlyoff.github.io/ServiceWorker/spec/service_worker/index.html#secure-context), I think I didn't take into account the case where the client having a potentially trustworthy origin is embedded in an insecure context.

I think the minimum requirement is "A SW should be executed in its registering client's origin which is potentially secure." Is there any reason that such clients embedded in insecure context should not access the SW?

---
Reply to this email directly or view it on GitHub:
https://github.com/slightlyoff/ServiceWorker/issues/754#issuecomment-144329370

Received on Wednesday, 30 September 2015 08:45:09 UTC