Understanding Web Push
This is a general introduction to Web Push. If you want to jump right in, you can read about Pushpad Pro or Pushpad Express.
The term Web Push refers to a set of new technologies that allow websites to send push notifications. Notifications can be delivered even when the user is not on the website. This is possible thanks to a combination of new standards, such as the W3C Push API, Service Workers, Web Notifications and the IETF WebPush Protocol.
The following sequence describes the subscription process and the delivery of web push notifications:
PushManager.subscribe()). If the user accepts to receive push notifications, then...
- The browser contacts its own push service (e.g. Mozilla autopush) to create a new "mailbox". A "mailbox" is a secret URL called endpoint. Anyone who knows that URL can send push notifications to that browser.
- When you need to send a notification, the server contacts the browser push service (e.g. Mozilla autopush) with an HTTP POST request. The request URL is the endpoint of the recipient.
- The browser is constantly connected to its own push service and fetches the new notifications.
- The service worker is activated by the push message and is responsible for displaying the web notifications to the user.
For stronger security a new protocol called VAPID has been introduced: when the website calls
PushManager.subscribe(), it also provides a public key (the corresponding private key is kept on the server). The new endpoint can be used only if you can sign the push requests with the private key.
Safari doesn't support the standard yet. However Safari (desktop) supports a proprietary method based on APNs.