Hi Hamish, >Is that about it? Yup. >The existing docs for CacheStorage (only, not `caches` or `Cache`) indicate secure context support was added in FF44. Is that an error? If not, what is the difference between what happened in FF44 and now? That kinda makes sense. Before this patch `CacheStorage` is the one that has secure-context-related logic (its methods threw exception in non-secure context), and `caches` just returned `CacheStorage` without any error. But it certainly is confusing to devs, I'd rather mark them as supported and add notes about this. >There are some comments about about Private Browsing. Is there anything we need to say about that? If so, what happens for PB in a secure context with caches? The work is happening but it's Nightly only and is actively changing. Please ignore that part for now. (Bug 1776109) >How does that differ from "in a secure context"? I.e. does that mean that even if localhost would normally be a secure context then it wouldn't work for Chrome because it requires HTTPS and a valid certificate in all cases? If so, I assume FF does not have this limitation. I feel like that part is misleading, I don't think SecureContext checks certificates. `caches` is available on https://expired.badssl.com/ on both Firefox and Chrome, so I'd just remove that note. Thanks for as always, and feel free to ask more whenever needed.
Bug 1112134 Comment 58 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
Hi Hamish, >Is that about it? Yup. >The existing docs for CacheStorage (only, not `caches` or `Cache`) indicate secure context support was added in FF44. Is that an error? If not, what is the difference between what happened in FF44 and now? That kinda makes sense. Before this patch `CacheStorage` is the one that has secure-context-related logic (its methods threw exception in non-secure context), and `caches` just returned `CacheStorage` without any error. But it certainly is confusing to devs, I'd rather mark them as supported and add notes about this. >There are some comments about about Private Browsing. Is there anything we need to say about that? If so, what happens for PB in a secure context with caches? The work is happening but it's Nightly only and is actively changing. Please ignore that part for now. (Bug 1776109) >How does that differ from "in a secure context"? I.e. does that mean that even if localhost would normally be a secure context then it wouldn't work for Chrome because it requires HTTPS and a valid certificate in all cases? If so, I assume FF does not have this limitation. I feel like that part is misleading, I don't think SecureContext checks certificates. `caches` is available on https://expired.badssl.com/ on both Firefox and Chrome, so I'd just remove that note. Thanks as always, and feel free to ask more whenever needed.