Unregister a periodic sync in response to a 4xx or 5xx HTTP error. #3
Comments
3 tasks
|
We discussed this for service worker, and although it divided people, large scale sites said they'd likely lose data with a rule like this in place w3c/ServiceWorker#204 (comment) |
|
Another way to address this problem is to allow app code to determine future behavior given a response. For instance, if we get a 500 from the server, we may want to say, "don't try this request again for at least 8 hours." As an owner of a large site, we definitely want to avoid DDoS, but we also can't afford to just drop requests if there's a server error, which can intermittently happen. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Creating this to track feedback from TAG review (w3ctag/design-reviews#367):
Regarding the unregister on 4xx response, I think that it is important to have that, an error core (4xx or 5xx) should trigger an unregister to avoid zombie WebAppSec doing slow DDoS (if triggered by enough clients), so unregistering on errors mitigate that issue.
The text was updated successfully, but these errors were encountered: