- From: Jake Archibald <notifications@github.com>
- Date: Mon, 25 Jul 2016 07:38:36 -0700
- To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
Received on Monday, 25 July 2016 14:39:20 UTC
Great catch. And ughhghghgh. Of course, a navigation to a secure origin with no means to communicate with the window that initiated the request should be considered secure. I'm grumpy about the `target="_blank"` case here. Seems shitty that another website can stop my service worker working. We might need some kind of registration option to declaratively disown opener. Related, but won't work for us https://github.com/w3c/webappsec/issues/517 --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/slightlyoff/ServiceWorker/issues/890#issuecomment-234972242
Received on Monday, 25 July 2016 14:39:20 UTC