[Webkit-unassigned] [Bug 249766] New: Push to expired endpoint returns 200 still

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=249766

            Bug ID: 249766
           Summary: Push to expired endpoint returns 200 still
           Product: WebKit
           Version: Safari 16
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Service Workers
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: andy at ukclimbing.com

Sending a Web Push notification to an old subscription gives no indication the subscription is old.

Example scenario:
User subscribes to push notifications
User removes the permission in safari settings (note: removes, not denies)
User subscribes to push notifications

Result:
Backend has two records of a subscription to that user, but only one is actually valid
When sending a notification to the first (expired) subscription, there is no indication the subscription has expired. This wastes bandwidth.
On other browsers, it will return a 40* error, allowing the server to delete the expired subscription


Admittedly, it may be a privacy issue to alert the server of an expired subscription. But the workaround (storing device details with a subscription to ensure each device has one subscription) also is a privacy concern

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20221222/bd623ece/attachment.htm>