The spec has been updated to allow passthrough requests to succeed even with mixed content. See step 3.1 here: https://w3c.github.io/webappsec-mixed-content/#should-block-fetch There are still some open questions, though. For example, how is the "passthrough concept" represented and is it something persisted in Cache API. This probably intersects with bug 1183625 a bit.
I'm unclear on the purpose of this, so it would be great if you could expand on why we need an exception. "A passthrough request is a request (request) which is created in a browsing context (e.g. via an img tag in a document), but serviced by a Service Worker (e.g. by calling fetch(e.request) from within an onfetch event handler). As described in §7.5 Service Workers, we special-case these kinds of requests in order to allow web developers to layer service workers on top of an existing site which relies on requesting optionally-blockable mixed content." Is a passthrough request going to get its own content type?
I believe we decided not to implement this at the April 2017 service worker spec meeting in Tokyo. Service workers have been adopted without permitting this and its something we would prefer not to open up.
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.