• Captured Headers - Headers that are captured in the Header rewriter, before they are rewritten. These headers are then sent to the client, so that they can be used for emulation, since you can’t rewrite the origin to a proxified origin. Not all forms of emulation require this, sometimes you need to emulate in the SW as is the case with policies, such as cache and referrer. In rare cases, you can use client APIs in the sandboxer to emulate this behavior without needing knowledge of the existing policies set by the headers.

Everything, which needs to be emulated includes: errors for all major browsers, Nested SWs, caching, and every security policy.

The proxy can be revealed

This requires cooperation with the HTML rewriter or interceptor and the service worker.

Many security policy emulation types depend on each other

Nested SW -> CSP emulation

-> - meaning depends on here

This refers to an interception-focused method of emulation, where you:

1. Create a fake API for the Navigator SW API
2. Communicate with message listeners on the SW, which will bundle. By bundle I mean resolving the importScripts in classic scripts and ESM in module scripts.