Nice docs by @fugueish on service worker security considerations: https://sites.google.com/a/chromium.org/dev/Home/chromium-security/security-faq/service-worker-security-faq …
-
-
Replying to @fugueish @slightlylate and
Updated JavaScript code + network access with a periodic sync event is really bad. Haven't been thinking about anything else, really.
1 reply 0 retweets 0 likes -
Replying to @CopperheadOS @fugueish and
Just so we're super clear: backround sync API is one-shot sync, not periodic.
1 reply 0 retweets 1 like -
Replying to @slightlylate @fugueish and
Yeah, but they do exist, and the permissions don't communicate the privacy and security risk, which seems to be missed anyways.
1 reply 0 retweets 0 likes
Replying to @CopperheadOS @fugueish and
We have thought hard about all of these aspects. Of course, might have missed something! Looking forward to your POC = )
4:55 PM - 12 May 2017
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.