DOMException when registering service worker inside an https iframe

Question

I'm trying to register a service worker in an https iframe inside an http (unsecured) site. Until lately, my code ran without any issues. From the last chrome update (44) this code fails inside the iframe:

navigator.serviceWorker.register('./service-worker.js');

I get this error in console: Uncaught (in promise) DOMException: Only secure origins are allowed

Was there any change that now prevents secured iframes from registering service workers if they are running in an unsecured parent?

Answer 1

It appears that this did change recently. It also appears that the current behaviour will now be maintained - see this discussion at the service worker spec repository. Both of those discussions cite this specification as the basis for the policy.