- From: Val Packett <notifications@github.com>
- Date: Fri, 07 Jul 2023 02:06:47 -0700
- To: w3c/ServiceWorker <ServiceWorker@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 7 July 2023 09:06:53 UTC
Oh, one key thing I've just realized: to not allow attackers to "permanently screw up" a compromised site that was using the normal mode (or no SWs at all), opting in to the secure mode should require at least a permission prompt, and probably be reflected in the browser UI (such as a "lock with refresh arrows" icon in place of the normal lock icon). -- Reply to this email directly or view it on GitHub: https://github.com/w3c/ServiceWorker/issues/822#issuecomment-1625099697 You are receiving this because you are subscribed to this thread. Message ID: <w3c/ServiceWorker/issues/822/1625099697@github.com>
Received on Friday, 7 July 2023 09:06:53 UTC