Open Bug 1223624 Opened 4 years ago Updated 4 years ago

IsURIPotentiallyTrustworthy should check nesting and wss


(Core :: Security, defect)

44 Branch
Not set




(Reporter: tanvi, Unassigned)



IsURIPotentiallyTrustworthy should check nested protocols.  We probably should just check the innermost scheme here against https, file, etc:

We should also add wss per spec.  I'm not sure why Service Workers need an API that doesn't accept wss (
Service workers explicitly wants only http/https.  I just landed checks in SWM to do this after the trustworthy check is made.

I raised a spec issue about this:
No longer blocks: 1162772
See Also: → 1162772
You need to log in before you can comment on or make changes to this bug.