mugdhalakhani

Thanks for this suggestion, asutherland@. Here are my thoughts: 1.Browsers generally don't trust strings provided by the website. There's a lot of input sanitization we'll need to do, and even...

In general, if the usera gent decides it's a bad idea to consume data -- whether because data saver mode is on or the OS detects it's on a meted...

The site can do any synchronization outside of the 'periodicsync' event when it has pages/iframes open. Periodic _Background_ Sync aims to facilitate synchronization when the user isn't on the site...

Capturing here what we discussed offline. A future version of PBS will likely set a morning and an evening time interval for synchronization, which will make this a non-issue. Resource...

Thanks Maciej! See responses to the points you raised inline: > (a) Periodic BackgroundSync could be used to build BotNets along the lines in this paper: https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_01B-2_Papadopoulos_paper.pdf > (b) More...

> At a high level, I'd say it is essential for a specification and proposed standard to address security in the specification, not just in the implementation. In increasing order...

This was suggested to be more inclusive of uploads. On second thought however, the user agent can just calculate the size of the uploads, and it isn't something we need...

Background Fetch code uses ImageResource, the spec just needs to be updated. The plan is to replace IconDefinition with ImageResouce in the spec, which will support USVString instead. (Payment Handler...

Just summarizing the points I made over email: 1. Our implementation will get simpler indeed without having to deal with duplicate requests, and you're right about the inconsistencies with the...

- I agree the implementation is irrelevant, all the more reason to support Duplicate requests. - I mentioned requests with bodies because that's they'll Duplicate requests, and we plan to...