-
Notifications
You must be signed in to change notification settings - Fork 312
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Registering service workers for unique origins? #1437
Comments
This is an interesting use case. I think our original reason for blocking service workers on opaque origins is because at the time we didn't see how it could provide offline or another reasonable use case. |
URL.createObjectURL I think is generally considered a regrettable decision we wouldn't want to imitate. As designed it encourages leaking resources, and as browsers need to implement it (at least Firefox), it's actually even more horrible under the hood. Being able to register a single ServiceWorker on a special scope that's explicitly for opaque origins for this exact scenario might work, though. Like: |
That makes sense. I mainly brought up the What are the next steps in continuing this discussion? I don't think our use case is specific to our implementation of webviews for VS Code |
To try to workaround this limitation, I've setup a domain that serves the same content on every subdomain you access (this way, the served up pages have a unique origin). These subdomains are only used once by a client and a service worker is registered for them. However I do not know if this will cause perf issue for browsers in practice. What will happen as the number of service workers builds up as we keep accessing new subdomains? I've asked about this on StackOverflow. I think I may be able to call |
Thoughts for TPAC:
|
mark, createServiceWorkerEndpoint . I need this api to create sw too. |
I'm in a similar position as mjbvz. I have same-origin, yet untrusted code, which I voluntarily sandbox. I would like the content to be controlled by my service worker. Additionally, I would like global key combinations such as Ctrl+S to work even when one of those iFrames has focus. I have thought about serving the content from a different origin, then using allow-same-origin and two nested iFrames to set up the service worker and key event listeners, as described in more detail by mjbvz. However, my application is currently purely static, without any server-side infrastructure requirements, thus serving the content form (multiple) different origins would be an unfortunate new requirement. I got the following idea to solve this: maybe opaque origins are too harsh, in that they fail same-origin checks even with themselves. If we had the ability to create unique origins that pass same-origin checks with themselves, we could use the nested iFrames approach without any server-side infrastructure. This could e.g. be a new value for the sandbox attribute on iFrames: <iframe sandbox="allow-scripts">
<!-- Semantics unchanged, the content is placed into an opaque origin
that fails same-origin checks even with itself. -->
</iframe>
<iframe sandbox="allow-scripts allow-unique-origin">
<!-- The new option, which places the content into a unique origin,
which is capable of passing same-origin checks with itself. -->
</iframe>
<iframe sandbox="allow-scripts allow-same-origin">
<!-- Semantics unchanged, the content keeps its origin. -->
</iframe> |
I might be misreading the specification, but AFAICT opaque origins should succeed the same-origin check exactly with themselves:
|
I am hacking on a webapp to display archived webpages from MAFF or WARC files (so in a sense I would use to handle "wrapped webapps").
In my use case, I would never perform a fetch from the service worker directly. Instead I would either:
IIUC for the problem stated by the OP this might not even be needed, as the service worker they are registering is only supposed to handle requests made by Short-term, I am planning to try and (ab)use wildcard domain names to "generate" unique origins. This makes setting up the RPC between the SW and embedder non-trivial and requires an ad-hoc configuration on the server side. What might be the best way to move forward with this issue? |
Problem
I am looking for a way to register a service worker runs for a unique origin. The lifetime of the service worker would be tied to the lifetime of the page with that unique origin.
Details
I develop VS Code's webview API, which lets VS Code extensions render arbitrary html inside of the VS Code editor. I am currently trying to set up a sandboxed environment for webviews using iframes + service workers. Here's the basic structure:
The main issue with this approach is that all the webview content ends up being served from the same
cdn.contoso.com
origin, which means that webviews can end up effecting each other indirectly. I've tried various incantations ofallow-same-origin
andsrcdoc
and data uris, but have not been able to find a means to serve the iframe in a unique origin so that we can still register a service worker for it.A secondary issue is that we need to stand up
cdn.contoso.com
to serve up the outer iframe content in the first place. This adds extra setup and maintenance cost for people hosting VS Code.Here's the actual code that implements all this today:
Proposals
I believe that allowing service workers to be registered in sandboxed iframe that does not set
allow-same-origin
would solve the main issue for us. Since the origin of the page in that case is unique, my expectation is that the service worker's lifetime would be tied to that of the document itself. Once the document is unloaded, the browser could delete the service worker and clean up any related resources.Another approach would be an API for registering a one-time service worker that runs on a unique origin. The page would then be able to use the unique origin to serve up content. The lifetime of the worker would be the same as the page itself (similar to
URL.createObjectURL
).For example, this could look something like:
The
url
would be a guaranteed unique origin, perhaps by using a unique identifier:sw-endpoint://00071f0e-fd75-4525-acde-cacb6fc7a1cd
. Theurl
would be usable on the page that created the worker as well as on any pages it embeds.The registered service worker itself would behave just like a normal service worker. However its lifetime would be linked to the page that created it. This would also simplify the creation of a virtual server for us (because we do not use many parts of service workers, such as them being shared across multiple pages).
Possibly Related issues
<iframe sandbox />
+ SW #1390The text was updated successfully, but these errors were encountered: