New issue
Advanced search Search tips
Starred by 1 user

Issue metadata

Status: Started
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug

Blocked on:
issue 861965

Sign in to add a comment

Issue 867302: Consider deprecating cross-origin workers

Reported by, Jul 25 2018 Project Member

Issue description

Basically, workers are assumed to be same-origin, but in some cases the origin of the parent Document and the origin of the worker script can be different, because the same-originness is implemented as SecurityOrigin::CanRequest().

This CL tracks possible efforts to deprecate such "cross-origin" workers, especially around extensions.

Design doc:

Comment 1 by, Jul 25 2018

Blockedon: 861965

Comment 2 by, Dec 14

Project Member
The following revision refers to this bug:

commit 4a696c0c1c9c067cf321b795a488b28a2aafe1b4
Author: Hiroshige Hayashizaki <>
Date: Fri Dec 14 02:50:31 2018

Add a UMA for same-originness of classic worker top-level scripts

To investigate when/how often there are "cross-origin" workers,
this CL adds a UMA to record same-originness of worker scripts
and its cross-origin reasons of classic worker top-level scripts.

Bug: 867302
Change-Id: I52c8caab6974d2db0b95e25115faba8045429902
Reviewed-by: Hiroki Nakagawa <>
Reviewed-by: Brian White <>
Reviewed-by: Matt Falkenhagen <>
Commit-Queue: Hiroshige Hayashizaki <>
Cr-Commit-Position: refs/heads/master@{#616566}

Sign in to add a comment