[Webkit-unassigned] [Bug 186050] New: Allow range requests to pass through a service worker
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue May 29 06:42:28 PDT 2018
https://bugs.webkit.org/show_bug.cgi?id=186050
Bug ID: 186050
Summary: Allow range requests to pass through a service worker
Product: WebKit
Version: Safari Technology Preview
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Service Workers
Assignee: webkit-unassigned at lists.webkit.org
Reporter: jaffathecake at gmail.com
Spec change: https://github.com/whatwg/fetch/pull/560.
Tests: https://github.com/web-platform-tests/wpt/pull/10348.
Security issues to pay attention to: https://github.com/whatwg/fetch/issues/144#issuecomment-368040980
This spec change means that rage requests (such as those from media elements) are allowed to pass through a service worker as long as they aren't modified. This fixes a long standing issue where media elements behave oddly if intercepted by a service worker (as the range headers were lost).
How media elements ingest partial responses remains unspecified for now. See the attacks in https://github.com/whatwg/fetch/issues/144#issuecomment-368040980 & their mitigations. Attack 4 is already covered in the tests.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180529/9f3ee8ef/attachment.html>
More information about the webkit-unassigned
mailing list