- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Tue, 29 Jul 2014 18:26:27 +0200
- To: Brad Hill <hillbrad@gmail.com>
- Cc: Joshua Peek <josh@joshpeek.com>, Mike West <mkwst@google.com>, Devdatta Akhawe <dev.akhawe@gmail.com>, Ilya Grigorik <igrigorik@google.com>, Jeffrey Yasskin <jyasskin@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Jake Archibald <jakearchibald@google.com>, Alex Russell <slightlyoff@google.com>
On Tue, Jul 29, 2014 at 6:19 PM, Brad Hill <hillbrad@gmail.com> wrote: > Well, a non-same-origin service worker doesn't make sense anyway, and > neither do any of the current sandbox directives, so I'm not sure > there is a good case for using sandbox on service workers except in > this manner to disable them. Wouldn't a specific header be better in that case? Or maybe if the page is sandboxed it should not be able to have a service worker? -- http://annevankesteren.nl/
Received on Tuesday, 29 July 2014 16:26:55 UTC