Closed Bug 1237623 Opened 8 years ago Closed 6 years ago

support some mixed content in service workers

Categories

(Core :: DOM: Service Workers, defect)

Product:
Core
Component:
DOM: Service Workers
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: bkelly, Unassigned)

References

(Blocks 1 open bug)

Details

The spec has been updated to allow passthrough requests to succeed even with mixed  content.  See step 3.1 here:

  https://w3c.github.io/webappsec-mixed-content/#should-block-fetch

There are still some open questions, though.  For example, how is the "passthrough concept" represented and is it something persisted in Cache API.

This probably intersects with bug 1183625 a bit.
I'm unclear on the purpose of this, so it would be great if you could expand on why we need an exception.

"A passthrough request
is a request (request) which is created in a browsing context (e.g. via an img tag in a document), but serviced by a Service Worker (e.g. by calling fetch(e.request) from within an onfetch event handler). As described in §7.5 Service Workers, we special-case these kinds of requests in order to allow web developers to layer service workers on top of an existing site which relies on requesting optionally-blockable mixed content."

Is a passthrough request going to get its own content type?
I believe we decided not to implement this at the April 2017 service worker spec meeting in Tokyo.  Service workers have been adopted without permitting this and its something we would prefer not to open up.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.