Re: [w3c/ServiceWorker] reserved Client objects and redirected navigations (#1031) from Jungkee Song on 2016-12-20 (public-webapps-github@w3.org from December 2016)

From: Jungkee Song <notifications@github.com>
Date: Tue, 20 Dec 2016 00:26:50 -0800
To: w3c/ServiceWorker <ServiceWorker@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/ServiceWorker/issues/1031/268183526@github.com>

> the only issues to resolve here is the cross-origin postMessage().

> So I now think it would be a bit better to keep the same reserved Client when a redirect is same-origin. If a redirect cross origin boundaries then a new reserved Client would need to be created.

I like this reasoning but see a corner case with the same-origin redirect scenario:

Browser has two registrations for an origin: foo.com/a/ and foo.com/b/.

1. Browser navigates a new tab to https://foo.com/a/resource.
1. https://foo.com/a/resource is intercepted by the foo.com/a/ SW and passed through to the network.
1. https://foo.com/a/resource redirects to https://foo.com/b/resource.
1. https://foo.com/b/resource is intercepted by the foo.com/b/ SW.

In this case, if step 2 and step 4 called `postMessage()` to their reserved clients, they will be queued for the same client. I think client matching needs a new client.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/ServiceWorker/issues/1031#issuecomment-268183526

Received on Tuesday, 20 December 2016 08:27:22 UTC