Upstream SharedWorker constructor changes from Secure Contexts

Monkey-patches bad. Upstreaming good. Closes w3c/webappsec-secure-contexts#31.
alice · Jan 7, 2019 · 58ce371 · 58ce371
1 parent d32e225
commit 58ce371
Showing 1 changed file with 20 additions and 2 deletions.
diff --git a/source b/source
@@ -3936,6 +3936,18 @@ a.setAttribute('href', 'http://example.com/'); // change the content attribute d
 
    </dd>
 
+   <dt>Secure Contexts</dt>
+
+   <dd>
+
+    <p>The following term is defined in <cite>Secure Contexts</cite>: <ref
+    spec="SECURE-CONTEXTS"></p>
+
+    <ul class="brief">
+     <li><dfn data-x-href="https://w3c.github.io/webappsec-secure-contexts/#settings-object">Is environment settings object a secure context?</dfn></li>
+    </ul>
+
+   </dd>
 
    <dt>MathML</dt>
 
@@ -97077,11 +97089,17 @@ interface <dfn>SharedWorker</dfn> : <span>EventTarget</span> {
       <p>If <var>worker global scope</var> is not null, then run these steps:</p>
 
       <ol>
-       <li><p>Associate <var>worker</var> with <var>worker global scope</var>.</p></li>
-
        <li><p>Let <var>settings object</var> be the <span>relevant settings object</span> for
        <var>worker global scope</var>.</p></li>
 
+       <li><p>If the result of executing <span>Is environment settings object a secure
+       context?</span> on <var>outside settings</var> does not match the result of executing
+       the same algorithm on <var>settings object</var>, then throw a
+       <span>"<code>SecurityError</code>"</span> <code>DOMException</code> and abort these steps.
+       <ref spec="SECURE-CONTEXTS"></li>
+
+       <li><p>Associate <var>worker</var> with <var>worker global scope</var>.</p></li>
+
        <li><p><span>Create a new <code>MessagePort</code> object</span> whose <span
        data-x="concept-port-owner">owner</span> is <var>settings object</var>. Let this be
        the <var>inside port</var>.</p></li>