diff --git a/docs/index.bs b/docs/index.bs
index 649e1384..914c0c53 100644
--- a/docs/index.bs
+++ b/docs/index.bs
@@ -2351,6 +2351,8 @@ spec: webappsec-referrer-policy; urlPrefix: https://w3c.github.io/webappsec-refe
A job has a list of equivalent jobs (a list of jobs). It is initially the empty list.
A [=job=] has a force bypass cache flag. It is initially unset.
+
+ A [=job=] has a immediate unregister flag. It is initially unset.
@@ -3161,7 +3163,7 @@ spec: webappsec-referrer-policy; urlPrefix: https://w3c.github.io/webappsec-refe
: Output
:: none
- 1. If the [=environment settings object/origin=] of |job|'s [=job/scope url=] is not |job|'s [=job/client=]'s [=environment settings object/origin=], then:
+ 1. If |job|'s [=job/client=] is not null, and the [=environment settings object/origin=] of |job|'s [=job/scope url=] is not |job|'s [=job/client=]'s [=environment settings object/origin=], then:
1. Invoke [=Reject Job Promise=] with |job| and "{{SecurityError}}" {{DOMException}}.
1. Invoke Finish Job with |job| and abort these steps.
1. Let |registration| be the result of running Get Registration algorithm passing |job|'s [=job/scope url=] as the argument.
@@ -3170,7 +3172,13 @@ spec: webappsec-referrer-policy; urlPrefix: https://w3c.github.io/webappsec-refe
1. Invoke Finish Job with |job| and abort these steps.
1. [=map/Remove=] [=scope to registration map=][|job|'s [=job/scope url=]].
1. Invoke Resolve Job Promise with |job| and true.
- 1. Invoke [=Try Clear Registration=] with |registration|.
+ 1. If |job|'s [=immediate unregister flag=] is set, then:
+ 1. Invoke [=Clear Registration=] with |registration|.
+ 1. For each [=/service worker client=] |client| [=using=] |registration|:
+ 1. Assert: |client|'s [=active service worker=] is not null.
+ 1. Set |client|'s [=active service worker=] to null.
+ 1. Invoke [=Notify Controller Change=] with |client|.
+ 1. Else, invoke [=Try Clear Registration=] with |registration|.
Note: If [=Try Clear Registration=] does not trigger [=Clear Registration=] here, [=Clear Registration=] is tried again when the last client [=using=] the registration is [=Handle Service Worker Client Unload|unloaded=] or the [=extend lifetime promises=] for the registration's service workers settle.
@@ -3230,6 +3238,28 @@ spec: webappsec-referrer-policy; urlPrefix: https://w3c.github.io/webappsec-refe
* |registration|'s [=active worker=] is null or the result of running [=Service Worker Has No Pending Events=] with |registration|’s [=active worker=] is true.
+
+ Purge Service Worker Registrations
+
+ : Input
+ :: |origin|, an [=/origin=]
+ : Output
+ :: None
+
+ 1. [=map/For each=] scope → |registration| of [=scope to registration map=]:
+ 1. Let |scopeURL| be |registration|'s [=service worker registration/scope url=].
+ 1. If |scopeURL|'s [=/origin=] is not |origin|, [=continue=].
+ 1. Let |job| be the result of running [=Create Job=] with *unregister*, |scopeURL|, null, null, and null.
+ 1. Set |job|'s [=immediate unregister flag=].
+ 1. Let |jobQueue| be [=scope to job queue map=][|job|'s [=job/scope url=], [=URL serializer|serialized=]].
+ 1. Assert: |jobQueue| is not null.
+ 1. [=While=] |jobQueue| is not empty:
+ 1. Let |job| be the first item in |jobQueue|.
+ 1. Invoke [=Reject Job Promise=] with |job| and a TypeError.
+ 1. [=queue/Dequeue=] from |jobQueue|.
+ 1. Invoke [=Schedule Job=] with |job|.
+
+
Update Registration State