Openbravo Issue Tracking System - Retail Modules
View Issue Details
0053065Retail ModulesWeb POSpublic2023-07-26 13:102023-07-26 16:49
caristu 
Retail 
highminorhave not tried
newopen 
5
 
 
No
0053065: Scope of the service worker must be restricted
The scope defined for the service worker in enyo pos is '/'[1]. This means that
the service worker has control over the entire origin (i.e., all pages and assets within the same domain as the service worker). This is not correct as we only have to control the resources that affect to the specific application (enyopos, awo etc.)

[1] https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/blob/master/web/org.openbravo.mobile.core/source/offline/ob-fetch-manifest.js#L174 [^]
One of the possible ways of checking that the scope is requesting more than it should:

0) Revert the change introduced here[1], which is a workaround to avoid this problem happen
1) In a new browser tab, open main Openbravo login page
2) In a second browser tab, open the enyopos login page
3) Clear the browsers cache, and refresh the enyopos login page, note that the service worker is not only requesting resources for the enyopos, but also it is requesting the login page of the backend (Security/Login URL).

[1] https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/merge_requests/565 [^]
No tags attached.
related to defect 0052839 closed caristu Openbravo ERP Extensible authentication provider infrastructure 
Issue History
2023-07-26 13:10caristuNew Issue
2023-07-26 13:10caristuAssigned To => Retail
2023-07-26 13:10caristuTriggers an Emergency Pack => No
2023-07-26 14:31caristuRelationship addedrelated to 0052839
2023-07-26 16:48caristuSteps to Reproduce Updatedbug_revision_view_page.php?rev_id=26509#r26509
2023-07-26 16:49caristuSteps to Reproduce Updatedbug_revision_view_page.php?rev_id=26510#r26510

There are no notes attached to this issue.