-
Notifications
You must be signed in to change notification settings - Fork 312
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A way to immediately unregister a service worker #614
Comments
@annevk I think unregister only allows the you to do so at your current scope, o it seems like a 'kill switch' in the header gives the added benefit of the server being able, for any URL, to specify "no service workers at all". Requiring absolute paths in Service-Worker-Allowed seems reasonable to me since I believe in the spec 'scope' is already required to be absolute anyway (http://www.w3.org/TR/service-workers/#unregister-algorithm for example). On the other hand, @slightlyoff's suggestion of a blank value also seems reasonable to me. |
What is quoted above is out of context as I was responding to a suggestion of using |
Nah, they can be relative (to the page). The kill switch idea came up before and #236 was created as a result. Would that work here? You could serve a SW that contained only:
…which would unregister but also un-claim all pages immediately. Alternatively, |
I don't think that's sufficient. I'd want to be able to just serve headers that tell the client that Service Workers are not allowed so that any content with HTTP headers, even if it's not going to run JavaScript, can specify that the origin should not have ServiceWorkers. I'd also love to have it be a preventative measure as well, and prevent registration of ServiceWorkers, but that may be more ambitious/complicated than I think. For example, if Dropbox knows that it should never have a ServiceWorker, they should be able to effectively "turn Service Workers off" for their origin by always specifying said header with all requests. |
Disabling SWs altogether and preventing installation seems like a CSP directive. Disabling just one SW through HTTP should use HTTP status codes on its script URL. |
If the motivation of the kill-switch is a sure-fire way to immediately shutdown SW in an emergency (say you roll out a respondWith('hello world') SW), these don't seem sufficient yet:
But maybe 24 hours is the best guarantee the SW spec should provide? Sites that are worried can set no-cache or max-age. |
Ah, I see the SW would run self.registration.unregister({immediate: true}), so that also takes 24 hours. I implementing both unregister({immediate: true}) and HTTP status 410 would be OK. The protocol solution is a bigger hammer in case the browser's having trouble even spinning up workers or its registration job queue is wedged. |
Could it make sense for the Update algorithm to do a HEAD request and more aggressively than the 24 hour cache check? For example every 1 hour or even every time? This would be a powerful kill-switch, no waiting for 24 hours. |
@mattto Let me make sure... when you say 'every 1 hour' you mean 'when navigation happens after 1 hour+ since the last update check runs', right? I'd be worried about the battery consumption on mobile devices. |
Sorry that wasn't clear. My idea was in the Update algorithm, do a HEAD request before fetching the script. The HEAD request could be done every time, or else limited by something like once every hour (similar to how fetching the script bypasses the cache only once every 24 hours). Update can be invoked via by SoftUpdate, which the UA can run at anytime (Chrome schedules one to happen soon after every navigation to a page in scope). In Chrome's case, I think it shouldn't be too battery/network costly since you're already hitting network by navigating to the site. |
FYI I think the current APIs let you implement the equivalent of an skipWaiting();
onactivate = function(e) {
e.waitUntil(clients.claim()
.then(function() { return self.registration.unregister(); }
.then(function() { return Promise.reject(); })));
}; A more sugary syntax may still be good. |
Nevermind, as per issue #659 the spec will likely change so that |
I'm a little confused by the 24hr thing. A SW is checked for updates on navigation, so:
Step 2 would only be skipped if the ServiceWorker was served with a max-age and was still considered fresh. For this use-case, I don't see a benefit to unregistering rather than fixing the SW. If an evil user has managed to install a SW on another site, the other site probably wants to unregister it pretty fast, but that's still just:
So the new SW would be: self.oninstall = _ => self.skipWaiting();
self.onactivate = _ => {
self.registration.unregister()
.then(_ => client.getAll())
.then(clients => clients.map(c => c.navigate()));
}; |
Moving this to v2, as we have ways of doing this without a specific API. In cases where the SW is totally broken, this could happen:
Continual failures may even result in the UA unregistering the SW. |
At the f2f we also had discussion about how developers could detect that their responses weren't valid. We had the idea that
|
Hi Jake can we track the respondWith() return promise as a different issue? The idea also came up in a codereview from @mikewest: https://codereview.chromium.org/1228233007/#msg9 |
Just wanted to add an extra use case. I've writing some unit tests for SW fetch events and hit a scenario where registering and unregistering SW's between tests and essentially there was no way to completely remove the currently controlling sw since the redundant SW is brought back to life if the same SW is used between tests. |
I think this makes WPTs awkward too. |
Would an API performing the Clear-Site-Data header operation serve this purpose? |
Yeah, that spec used to have an API defined, but it doesn't anymore. It'd also clear a whole lot more, but maybe that's ok. |
@asutherland awesome, thank you for the clarification. @mattto do you know what Chrome does with permissions when CSD is used? Will Chrome re-use existing permissions if |
For TPAC:
|
I created an issue related to the logistics of applying Clear-Site-Data: #1471 |
TPAC:
|
Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
…e directive Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
@jakearchibald took a pass at a failing test for verifying that clients are uncontrolled after |
…e directive Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
…e directive Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
…e directive Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
…e directive Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
…e directive Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
…e directive Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
…e directive Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
…e directive Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
…e directive (#19132) Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit
… service workers, a=testonly Automatic update from web-platform-tests Clear-Site-Data: clients uncontrolled by service workers after storage directive (#19132) Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit -- wpt-commits: 8be01b6e0d191a641f45ad59e83718155775921d wpt-pr: 19132
… service workers, a=testonly Automatic update from web-platform-tests Clear-Site-Data: clients uncontrolled by service workers after storage directive (#19132) Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit -- wpt-commits: 8be01b6e0d191a641f45ad59e83718155775921d wpt-pr: 19132
… service workers, a=testonly Automatic update from web-platform-tests Clear-Site-Data: clients uncontrolled by service workers after storage directive (#19132) Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit -- wpt-commits: 8be01b6e0d191a641f45ad59e83718155775921d wpt-pr: 19132 UltraBlame original commit: 8b899d0a8c9d3cff2b26f20ca5235418b65447ba
… service workers, a=testonly Automatic update from web-platform-tests Clear-Site-Data: clients uncontrolled by service workers after storage directive (#19132) Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit -- wpt-commits: 8be01b6e0d191a641f45ad59e83718155775921d wpt-pr: 19132 UltraBlame original commit: 8b899d0a8c9d3cff2b26f20ca5235418b65447ba
… service workers, a=testonly Automatic update from web-platform-tests Clear-Site-Data: clients uncontrolled by service workers after storage directive (#19132) Adds a failing test, asserting that pages actively controlled by a service worker become uncontrolled after the Clear-Site-Data storage directive. We agreed on this behavior in a spec issue and confirmed the need for this test at the TPAC Service Workers F2F. w3c/ServiceWorker#614 F2F notes: https://docs.google.com/document/d/1_Qfw5m3BJEaL1xIzTJd41HXjgJ9gq7mroBDXqSJIzic/edit -- wpt-commits: 8be01b6e0d191a641f45ad59e83718155775921d wpt-pr: 19132 UltraBlame original commit: 8b899d0a8c9d3cff2b26f20ca5235418b65447ba
This change adds an algorithm, Purge Service Worker Registrations, that immediately unregister - by calling into Clear Registration - service worker registrations for a given origin. It takes an origin and a boolean argument for unclaiming controlled clients. This is designed for Clear-Site-Data's "storage" directive. job's immediate unregister flag added in this change can be used for unregister({immediate: true}) or alternative designs as a TODO. Issue: #614.
Clear-Site-Data: "storage" has used Service Workers' unregister() as Service Workers' had no external algorithm that allows immediate purging of the service worker registrations. This change calls into Purging Service Worker Reigstration algorithm defined in Service Workers with the origin and intention to unclaim the controlled clients when "storage" directive is specified. Issue: w3c#54. Service Workers issue: w3c/ServiceWorker#614. Service Workers PR: w3c/ServiceWorker#1506.
Spin off from #468.
Alex:
Anne:
The text was updated successfully, but these errors were encountered: