Upstream 'SharedWorker()' changes from Secure Contexts. #1560
Conversation
|
@domenic, @foolip: Mind taking a look at this? It attempts to integrate https://w3c.github.io/webappsec-secure-contexts/#monkey-patching-shared-workers with HTML; basically copy/paste, with one reordering so that I wouldn't have to redefine a term. WDYT? |
| spec="SECURE-CONTEXTS"></p> | ||
|
|
||
| <ul class="brief"> | ||
| <li><dfn data-noexport="" data-x-href="https://w3c.github.io/webappsec-secure-contexts/#settings-object">Is environment settings object a secure context?</dfn></li> |
There was a problem hiding this comment.
data-noexport="" is not actually needed; we made a mistake adding it to other things in this area.
|
Some editorial nits, but overall this seems good. |
|
I've taken another pass; thanks for the review! If you're happy with the changes, I'll squash the patch down to one commit for you. |
| <li><p>Let <var>settings object</var> be the <span>relevant settings object</span> for | ||
| <var>worker global scope</var>.</p></li> | ||
|
|
||
| <li><p>If the result of executing the <span>Is environment settings object a secure |
There was a problem hiding this comment.
Either remove "the" or add "algorithm" afterward
|
LGTM with one nit. Did you want @foolip's sign-off too, or should I merge after you push? |
Monkey-patches bad. Upstreaming good. Closes w3c/webappsec-secure-contexts#31.
|
Nit addressed (by removing "the"). I CC'd @foolip because he's in my time zone; I think you have enough context to decide whether this is mergable or not. I'm happy to see it just land rather than waiting until Monday. :) |
|
\o/! |
|
Do we want to throw, or to fire an error event like we would for an origin check failure? //cc @annevk |
Monkey-patches bad. Upstreaming good. Closes w3c/webappsec-secure-contexts#31.