TL;DR: One-shot XSS registers a malicious service worker — origin-wide fetch hijack, push-message phishing, and persistence after the initial bug is patched.

Stub — to be filled in.

What it is

TODO

Preconditions / where it applies

TODO

Technique

TODO

Detection and defence

TODO

References

• https://www.akamai.com/blog/security/abusing-the-service-workers-api