-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upstream 'SharedWorker()' changes from Secure Contexts. #1560
Conversation
@domenic, @foolip: Mind taking a look at this? It attempts to integrate https://w3c.github.io/webappsec-secure-contexts/#monkey-patching-shared-workers with HTML; basically copy/paste, with one reordering so that I wouldn't have to redefine a term. WDYT? |
spec="SECURE-CONTEXTS"></p> | ||
|
||
<ul class="brief"> | ||
<li><dfn data-noexport="" data-x-href="https://w3c.github.io/webappsec-secure-contexts/#settings-object">Is environment settings object a secure context?</dfn></li> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
data-noexport=""
is not actually needed; we made a mistake adding it to other things in this area.
Some editorial nits, but overall this seems good. |
I've taken another pass; thanks for the review! If you're happy with the changes, I'll squash the patch down to one commit for you. |
<li><p>Let <var>settings object</var> be the <span>relevant settings object</span> for | ||
<var>worker global scope</var>.</p></li> | ||
|
||
<li><p>If the result of executing the <span>Is environment settings object a secure |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Either remove "the" or add "algorithm" afterward
LGTM with one nit. Did you want @foolip's sign-off too, or should I merge after you push? |
Monkey-patches bad. Upstreaming good. Closes w3c/webappsec-secure-contexts#31.
Nit addressed (by removing "the"). I CC'd @foolip because he's in my time zone; I think you have enough context to decide whether this is mergable or not. I'm happy to see it just land rather than waiting until Monday. :) |
\o/! |
Do we want to throw, or to fire an error event like we would for an origin check failure? //cc @annevk |
Monkey-patches bad. Upstreaming good. Closes w3c/webappsec-secure-contexts#31.