{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 手持菜刀,她持情操 的问题《DOMException when registering service worker insid》','https://www.manongdao.com/q-388614.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm trying to register a service worker in an https iframe inside an http (unsecured) site. Until lately, my code ran without any issues. From the last chrome update (44) this code fails inside the iframe:
navigator.serviceWorker.register('./service-worker.js');
I get this error in console:
Uncaught (in promise) DOMException: Only secure origins are allowed
Was there any change that now prevents secured iframes from registering service workers if they are running in an unsecured parent?
It appears that this did change recently. It also appears that the current behaviour will now be maintained - see this discussion at the service worker spec repository. Both of those discussions cite this specification as the basis for the policy.