March 26th, 2020

Replying to a tweet from @TimoTijhof

Explain to me how a service worker could be abused, given its same-origin policy.

51° N , 0° E

Also on Twitter

Reply Retweet Favourite


Timo Tijhof

Given a news site with and without SW, why should third-party JS on the former be able to store it’s cookies for longer? (eg. GA.js) SW is not user intent. I expect trackers would just require their partners to register a no-op SW. Why wouldn’t they?

1 Like

# Liked by Zach Leatherman on Thursday, March 26th, 2020 at 4:27pm

Have you published a response to this? :