| 05:15 | <annevk> | wanderview: if you created a shared or service worker from a document with a nonce, presumably they too should have a nonce? |
| 09:43 | <sideshowbarker> | https://github.com/gzuidhof/coi-serviceworker |
| 14:20 | <wanderview> | annevk: yes, the nonce would propagate and be part of the storage key as well |
| 15:24 | <annevk> | wanderview: I might have misunderstood and thought you were asking if we needed to pass anything on in addition to top-level origin... I think we have some things where we want to use top-level origin as opposed to site, e.g., if we want to disallow something in "third party" documents ideally we'd use cross-origin as a way to determine that. Some of that might be applicable to workers as well, but it's hard to come up with a concrete example |
| 15:33 | <wanderview> | annevk: I just discussed this with Domenic and he was going to write up an issue |
| 15:54 | <Domenic> | https://github.com/whatwg/html/issues/8014 |
| 19:14 | <wanderview> | annevk: would an initial PR to add "authority container" with just an origin and then a follow-up PR to add top-level site to the container be reasonable? |