Access to service workers / Cache API should be disabled in sandboxed frames without allow-same-origin flag.
<rdar://problem/36879952>
Created attachment 332308 [details] Patch
Comment on attachment 332308 [details] Patch r=me. Let's check in a follow-up whether workers in a sandboxed iframes are an issue for Cache as well.
Comment on attachment 332308 [details] Patch Clearing flags on attachment: 332308 Committed r227639: <https://trac.webkit.org/changeset/227639>
All reviewed patches have been landed. Closing bug.