Nice docs by @fugueish on service worker security considerations: https://sites.google.com/a/chromium.org/dev/Home/chromium-security/security-faq/service-worker-security-faq …
Every API we add has the potential for misdesign. That's why we focus on working in standards and ensuring impl flexibility.
-
-
For instance, for one-shot background sync, one idea we discussed was only allowing site/network pairs that had been previously seen.
-
And the API has been designed to allow a flexible policy like this should we decide it's better in the future.
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.