Re: [w3c/ServiceWorker] Require `[SecureContext]` for interfaces with `[Exposed=ServiceWorker]` or not? (Issue #1749) from Kagami Sascha Rosylight on 2025-02-13 (public-webapps-github@w3.org from February 2025)

From: Kagami Sascha Rosylight <notifications@github.com>
Date: Thu, 13 Feb 2025 03:22:53 -0800
To: w3c/ServiceWorker <ServiceWorker@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/ServiceWorker/issues/1749/2656295470@github.com>

> Therefore, even if there is no explicit SecureContext, I assume it actually be executed inside.

Agreed.

> ...stepping back, in [w3c/push-api#397](https://github.com/w3c/push-api/issues/397), you say Firefox has a way to run ServiceWorker without secure context. Is that a case?

Yes, for local testing purpose if and only if devtools is opened and the user opted in.

![In Firefox devtools advanced settings, there is "Enable Service Workers over HTTP" checkbox. The description says "Turning this option will enable the service workers over HTTP for all tabs that have the toolbox open](https://github.com/user-attachments/assets/c2d64774-c3ff-44c2-8417-5f6707346f26)

We make sure that all service worker interfaces would be exposed in such cases so that the testing environment would be as equivalent as possible to real world environment.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/ServiceWorker/issues/1749#issuecomment-2656295470
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/ServiceWorker/issues/1749/2656295470@github.com>

Received on Thursday, 13 February 2025 11:22:57 UTC