- From: Marijn Kruisselbrink <notifications@github.com>
- Date: Mon, 16 May 2016 10:18:01 -0700
- To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
- Cc:
Received on Monday, 16 May 2016 17:19:16 UTC
Currently a foreign fetch handler can reply with a non-opaque response by including the origin of the request in the response. If a request was made from an opaque orgin this will never work though, as the origin serialized as string will always be "null", which won't actually be equal to the requests origin. With regular CORS, a server can always reply with `Access-Control-Allow-Origin: *` to cover unique origins, but currently we don't allow wildcards in foreign fetch handlers. Should wildcards be supported? Or should opaque origins somehow be supported? Or should requests from opaque origins not hit foreign fetch workers at all, since they can't reply to them meaningfully (except if the request was `no-cors`). --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/slightlyoff/ServiceWorker/issues/900
Received on Monday, 16 May 2016 17:19:16 UTC