Open Bug 1465074 Opened 2 years ago Updated 2 years ago

Allow range requests to pass through a service worker


(Core :: DOM: Service Workers, defect, P2)




Tracking Status
firefox62 --- affected


(Reporter: jaffathecake, Unassigned)


(Blocks 2 open bugs)


Spec change:
Security issues to pay attention to:

This spec change means that rage requests (such as those from media elements) are allowed to pass through a service worker as long as they aren't modified. This fixes a long standing issue where media elements behave oddly if intercepted by a service worker (as the range headers were lost).

How media elements ingest partial responses remains unspecified for now. See the attacks in & their mitigations. Attack 4 is already covered in the tests.
Component: Untriaged → DOM: Service Workers
Product: Firefox → Core
Duplicate of this bug: 1404041
Priority: -- → P2
Looks like we already blocked 206 responses in Cache API in bug 1264181.
Depends on: 1264181
Blocks: 1477391
See Also: 1477391
You need to log in before you can comment on or make changes to this bug.