Re: [w3c/ServiceWorker] should prefetch loads trigger FetchEvents? (#1302) from Ben Kelly on 2018-04-17 (public-webapps-github@w3.org from April 2018)

From: Ben Kelly <notifications@github.com>
Date: Tue, 17 Apr 2018 16:08:41 +0000 (UTC)
To: w3c/ServiceWorker <ServiceWorker@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/ServiceWorker/issues/1302/382049824@github.com>

A service worker can store things in IDB, make unrelated network requests, etc.  So I think it has wider privacy implications than normal cookies.  Its probably important that we don't trigger a different origin service worker based on only a <link> element here.  Or if we do, allow the browser to knowingly handle it like loading an iframe so 3rd party content policies can be enforced.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/ServiceWorker/issues/1302#issuecomment-382049824

Received on Tuesday, 17 April 2018 16:09:04 UTC