WebKit Bugzilla
New
Browse
Search+
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
243252
WorkerGlobalScope.isSecureContext should be based on owner's top URL, not the owner's URL
https://bugs.webkit.org/show_bug.cgi?id=243252
Summary
WorkerGlobalScope.isSecureContext should be based on owner's top URL, not the...
Chris Dumez
Reported
2022-07-27 09:00:32 PDT
WorkerGlobalScope.isSecureContext should be based on owner's top-level creation URL, not the owner's URL: -
https://html.spec.whatwg.org/multipage/webappapis.html#secure-context
This means that if a worker created in a HTTPS iframe, under a HTTP top-level document should not be considered as secure. This is causing us to fail the "HTTPS worker from HTTPS subframe" subtest on secure-contexts/basic-dedicated-worker.html WPT test. This test is passing in both Gecko and Blink.
Attachments
Add attachment
proposed patch, testcase, etc.
Chris Dumez
Comment 1
2022-07-27 09:04:36 PDT
Pull request:
https://github.com/WebKit/WebKit/pull/2780
EWS
Comment 2
2022-07-28 09:24:17 PDT
Committed
252913@main
(abdef0407a12): <
https://commits.webkit.org/252913@main
> Reviewed commits have been landed. Closing PR #2780 and removing active labels.
Radar WebKit Bug Importer
Comment 3
2022-07-28 09:25:18 PDT
<
rdar://problem/97727226
>
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug