wbamberg
commented
9 months ago Thank you François! I agree we should add this check, and yay for having ServiceWorkerGlobalScope marked secure context!
Open tidoust opened 9 months ago
wbamberg
commented
9 months ago Thank you François! I agree we should add this check, and yay for having ServiceWorkerGlobalScope marked secure context!
Reporting the gist of the discussion in https://github.com/w3c/webref/issues/1142#issuecomment-1929678201: to avoid redundancy, interfaces may not be flagged as
[SecureContext]in specs when they are only exposed to globals that are themselves only available in secure contexts, such as theServiceWorkerglobal. As a result, the logic that determines whether an IDL construct is secure context only also needs to take globals into account.Updating the logic may not be worth the hassle in practice. This would likely only add the
ExtendableCookieChangeEventto the list of interfaces that are only usable in secure contexts.(For Service Workers, the underlying interface
ServiceWorkerGlobalScopedid not have a[SecureContext]flag. Now fixed in the spec!)