Project

General

Profile

Support #75

ServiceWorkers

Added by koszko 3 months ago. Updated 3 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Start date:
08/18/2021
Due date:
% Done:

0%

Estimated time:

Description

Investigate into Service Workers. Find out if some additional measures need to be taken against them

History

#1

Updated by jahoti 3 months ago

The following script will deregister all service workers in a page (courtesy of https://love2dev.com/blog/how-to-uninstall-a-service-worker/):

if (navigator.serviceWorker) {
    navigator.serviceWorker.getRegistrations().then(
        registrations => {
            for (let registration of registrations)
                registration.unregister();
        }
    );
}

EDIT: removed exclamation mark in if ~koszko

#2

Updated by koszko 3 months ago

Unfortunately, it seems a page reload is required for this to take effect.

Additionally, is there a way service worker could intercept HTTP headers and, in them, Hachette cookies?

#3

Updated by jahoti 3 months ago

Unfortunately, it seems a page reload is required for this to take effect.

Additionally, is there a way service worker could intercept HTTP headers and, in them, Hachette cookies?

Ohhh- that's quite a serious issue if it is indeed possible. If it turns out to work, perhaps we could present some version of this information on installation/start-up whenever service workers are available.

#4

Updated by koszko 3 months ago

jahoti wrote:

perhaps we could present some version of this information on installation/start-up whenever service workers are available.

Temporarily, this is a good idea. Ultimately, we should stop using cookies for policy smuggling, even though they initially seemed like a super good idea :/

#5

Updated by koszko 3 months ago

I added unregistering code on koszko branch. It needs testing

#6

Updated by jahoti 3 months ago

Ultimately, we should stop using cookies for policy smuggling, even though they initially seemed like a super good idea :/

Somehow, it seems the biggest technical challenge for this project has become blocking (unwanted) scripts of all things.

#7

Updated by koszko 3 months ago

jahoti wrote:

Somehow, it seems the biggest technical challenge for this project has become blocking (unwanted) scripts of all things.

Unfortunately, I have to agree

#8

Updated by jahoti 3 months ago

I unfortunately couldn't test this, as I couldn't find any test cases or understand how to set one up.

Also available in: Atom PDF