Nice docs by @fugueish on service worker security considerations: https://sites.google.com/a/chromium.org/dev/Home/chromium-security/security-faq/service-worker-security-faq …
-
-
Replying to @fugueish @CopperheadOS and
FAQ suggests push notifications are just one of the ways to keep SWs running. What are the others? Do they all require user permission?
1 reply 0 retweets 1 like -
Background Sync will allow one-shot wakeups. No ability to schedule arbitrary wakeups w/o user consent.
2 replies 0 retweets 0 likes -
Replying to @slightlylate @__agwa and
The user isn't consenting if they're only accepting something like notifications, not background coarse location tracking via IP, etc.
1 reply 0 retweets 0 likes -
Replying to @CopperheadOS @slightlylate and
Notifications / push != persistent, background application to an end user, even experts on web standards and security that missed this.
2 replies 0 retweets 0 likes -
Replying to @CopperheadOS @slightlylate and
Is there a sample application somewhere with use of periodic events, rather than push?
1 reply 0 retweets 0 likes -
Replying to @CopperheadOS @__agwa and
There is no periodic sync implemented anywhere, in any browser. Does not exist.
1 reply 0 retweets 0 likes
...which folks who play with the API or look the source code can know easily. E.g.: https://cs.chromium.org/chromium/src/third_party/WebKit/Source/modules/background_sync/SyncManager.idl?dr=C …
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.