Questions tagged [service-worker]
The service-worker tag has no usage guidance.
6
questions
2
votes
1
answer
386
views
Can I use a ServiceWorker to prevent an XSS attacker from gaining access to private user data?
I run a small blogging platform, and I want my users to be able to embed javascript that runs on their blogs (to manipulate the DOM, etc. as you might if you were hosting your own website). However, I ...
- 125
2
votes
1
answer
825
views
Does enabling SharedArrayBuffers via service worker headers create Spectre vulnerability?
In browsers, use of SharedArrayBuffer is restricted to sites with the following HTTP headers because otherwise it exposes vulnerabilities to Spectre and Meltdown.
Cross-Origin-Embedder-Policy: require-...
- 123
2
votes
0
answers
1k
views
Progressive web app, Access token storage
I'm currently working on an existing PWA (Progressive web app) build in VUEJS. Currently i'm using Auth0 for user authentication and it works fine. But it seems a bit overkill and client finds it very ...
- 21
2
votes
0
answers
201
views
Does it matter that my browser shows an out-of-date certificate when a website uses service workers?
A website I frequent (a Discourse forum) uses Let's Encrypt TLS certificates which are updated every two months with a valid period of three months. But the certificate information shown by Chrome ...
- 361
1
vote
0
answers
594
views
Are web worker / service worker secure environments to store a password, credit card information, access tokens?
If there is a case where I wish to store sensitive data like a password, credit card information, or access tokens:
Are web workers / service workers a secure environment, where such data can not be ...
- 111
2
votes
1
answer
152
views
What measures can be taken to make a site safe again after a hostile service worker is installed in users' browsers?
So my understanding of Service Workers is that once installed they grant you full control over requests to a domain. If an attacker managed to include their service worker in your site, then for ...
- 361