Bug 291315

Overview: We recently noticed some Issues in Safari when trying to match resultingClientId entries of a navigation fetch event to the clientId of loaded subresources loaded in our service worker. For some of our customers we saw mismatches in some but not all page loads. The culprit for this behavior seems to be the "Cross-Origin-Opener-Policy: same-origin" response header. Whenever we first encounter this header on a response we get a resultingClientId on the navigation which does not match the clientId of subsequently loaded resources for this client. After reloading the page or navigating to a different page where the header is present we no longer encounter the problem. Steps to Reproduce: 1) Go to https://sw-lifecycle-test.app.baqend.com/clientIdChange/index.html 2) Reload the page to ensure the Service Worker is installed. This will only fetch the requests and log the corresponding client ids. 3) Open Developer Tools for the installed Service Worker through Developers -> Service Workers -> sw-lifecycle-test.app.baqend.com 4) Click "Navigate without Header" to go to a page which does not include the mentioned header. In the Service Worker console a log should show up with the resultingClientId of this navigation. 5) Click "Fetch Resource" to initiate a fetch request which should also show up in the service worker console. The clientId of these fetch request should match the previously logged resultingClientId of the navigation. 6) Go back to the previous page. 7) Click "Navigate with Header" to go to the same page as before, only difference being the present of the aforementioned header on the response. The Service Worker log should again show the resultingClientId of this navigate. 8) Click "Fetch Resource" again to initiate a fetch request which should also show up in the service worker console. The clientId of these fetch request should be different from the previously logged resultingClientId of the navigation. 9) Reload the current page and click "Fetch Resource". Now after the second time seeing the header the mismatch should no longer be visible. Actual Results: Presence of "Cross-Origin-Opener-Policy" response header leads to mismatch of resultingClientId attribute with subsequent client ids of subresources. Expected Results: Presence of "Cross-Origin-Opener-Policy" response header should not impact usage of resultingClientId attribute for subsequent subresource requests. Build Date & Hardware: Safari 18.3 (20620.2.4.11.5) on Mac OS 15.3.1 (24D70) Additional Builds and Platforms: Via BrowserStack I was able to reproduce the issues with the above mentioned steps on Safari 16 and 17 too, so likely all versions with support for resultingClientId are affected. I also see it in the Technology Preview. I did not test on mobile devices.