1). is it possible to register a service worker for
https://xyz.xxxx.com from https://abc.xxxx.com ? if yes then how?
2). if http://abc.xxxx.com (http insecure) then anyway to register
a service worker for https://xyz.xxxx.com from http://abc.xxxx.com like in iframe or something....
Here are some general answers that I think should address the various points you raise in your question:
Each registered service worker has an associated
scope, which dictates the set of web pages that the service worker can control. The
scope of a service worker is a URL, and that URL must have the same origin as the page that registers the service worker, and must be either a URL that corresponds to the same path level as the page or a path that's one or more levels down. The default
'./', which corresponds to the same path level as the page. Because of this restriction, it's not possible to call
navigator.serviceWorker.register(...) from a page on one (sub-)domain and end up with a service worker that controls pages on another (sub-)domain.
There are restrictions in place to prevent you from throwing an
<iframe> on an
http: page and using that to register a service worker. See DOMException when registering service worker inside an https iframe
Though I don't know that it's directly related to your question, explicitly calling
fetch() for an
http: resource within your service worker code will result in a failure in current versions of Chrome, since mixed-content
fetch()s are not allowed within a service worker. I don't know if things are 100% settled on that front, and this open bug is still relevant.
If you have pages that live on both
xyz.123.com and you want both sets of pages to be controlled by a service worker, then you need to have two separate service worker registrations. Each registration needs to be for a copy of your service worker JS file that's hosted on the respective domain corresponding to the top-level page, and all pages and service worker scripts need to be accessed via
That being said, you can kick off a service worker registration for a different domain by including a cross-domain
<iframe> on a page, but both the host page and the
<iframe> need to be served via
https:. The normal service worker scoping restrictions apply, so if, for example, you want to register a service worker for the other domain that will cover the entire
https://other-domain.com/ scope, you need to make sure that the
src is at the top-level, e.g.
https://other-domain.com/iframe.html, not at
https://other-domain.com/path/to/iframe.html. This is the approach used by, for example, the AMP project via the