- A push subscription has internal slots for a P-256 ECDH key pair and an - authentication secret in accordance with [[!WEBPUSH-ENCRYPTION]]. These slots MUST be - populated when creating the push subscription, and MUST remain constant for its - lifetime. -
-- When a push subscription is deactivated, both the user agent and the push - service MUST delete any stored copies of its details. Subsequent push messages - for this push subscription MUST NOT be delivered. -
-- A push subscription is deactivated when its associated service worker - registration is unregistered, though a push subscription MAY be - deactivated earlier. A push subscription is removed when the clear - registration algorithm is run for the service worker registration. -
A push subscription has an associated push endpoint. It MUST be the absolute URL exposed @@ -383,6 +365,75 @@
+ A push subscription has internal slots for a P-256 ECDH key pair and an + authentication secret in accordance with [[!WEBPUSH-ENCRYPTION]]. These slots MUST be + populated when creating the push subscription. +
++ If the user agent has to change the keys for any reason, + it MUST fire the pushsubscriptionchange event with the + service worker registration associated with the push subscription as + registration, a PushSubscription instance representing the + push subscription having the old keys as oldSubscription and a + PushSubscription instance representing the push subscription having the new + keys as newSubscription. +
++ A user agent or push service MAY choose to refresh a + push subscription at any time, for example because it has reached a certain age. +
++ When this happens, the user agent MUST create a new push subscription + with the push service on behalf of the application, using the + PushSubscriptionOptions that were provided for creating the current + push subscription. The new push subscription MUST have a key pair that's + different from the original subscription. +
++ When successful, user agent then MUST fire the pushsubscriptionchange event + with the service worker registration associated with the push subscription + as registration, a PushSubscription instance representing the initial + push subscription as oldSubscription and a PushSubscription + instance representing the new push subscription as newSubscription. +
++ To allow for time to propagate changes to application servers, a user agent + MAY continue to accept messages for an old push subscription for a brief time + after a refresh. Once messages have been received for a refreshed + push subscription, any old push subscriptions MUST be deactivated. +
+
+ If the user agent is not able to refresh the push subscription, it SHOULD
+ periodically retry the refresh. When the push subscription can no longer be used,
+ for example because it has expired, the user agent MUST
+ fire the pushsubscriptionchange event with the service worker registration
+ associated with the push subscription as registration, a
+ PushSubscription instance representing the deactivating push subscription
+ as oldSubscription and null as the newSubscription.
+
+ When a push subscription is deactivated, both the user agent and the push + service MUST delete any stored copies of its details. Subsequent + push messages for this push subscription MUST NOT be delivered. +
++ A push subscription is deactivated when its associated service worker + registration is unregistered, though a push subscription MAY be + deactivated earlier. A push subscription is removed when the clear + registration algorithm is run for the service worker registration. +
+
- When a permission is revoked, all push subscriptions created with that permission
- MUST be deactivated.
+ When a permission is revoked, the user agent MAY
+ fire the pushsubscriptionchange event for subscriptions created with that permission,
+ with the service worker registration associated with the push subscription as
+ registration, a PushSubscription instance representing the
+ push subscription as oldSubscription, and null as
+ newSubscription. The user agent MUST deactivate the affected
+ subscriptions in parallel.
When a service worker registration is unregistered, any associated push
@@ -550,7 +606,7 @@
The Service Worker specification defines a ServiceWorkerRegistration interface @@ -999,26 +1055,29 @@
- The Service Worker specification defines a ServiceWorkerGlobalScope interface
- [[!SERVICE-WORKERS]], which this specification extends.
-
- partial interface ServiceWorkerGlobalScope {
- attribute EventHandler onpush;
- attribute EventHandler onpushsubscriptionchange;
- };
-
-
- The onpush attribute is
- an event handler whose corresponding event handler event type is
- push.
-
- The onpushsubscriptionchange - attribute is an event handler whose corresponding event handler event type is - pushsubscriptionchange. -
+
+ The Service Worker specification defines a ServiceWorkerGlobalScope interface
+ [[!SERVICE-WORKERS]], which this specification extends.
+
+ partial interface ServiceWorkerGlobalScope {
+ attribute EventHandler onpush;
+ attribute EventHandler onpushsubscriptionchange;
+ };
+
+
+ The onpush attribute is
+ an event handler whose corresponding event handler event type is
+ push.
+
+ The onpushsubscriptionchange
+ attribute is an event handler whose corresponding event handler event type is
+ pushsubscriptionchange.
+
- The pushsubscriptionchange event indicates that a push subscription - has been invalidated, or will soon be invalidated. For example, the push service - MAY set an expiration time. A Service Worker SHOULD attempt to resubscribe while - handling this event, in order to continue receiving push messages. + The pushsubscriptionchange event indicates a change in a push subscription + that was triggered outside of the application's control, for example because it has been + refreshed, revoked or lost.
- When new push subscription information becomes available, the user agent - MUST run the following steps: + To fire the pushsubscriptionchange event given a + service worker registration of registration, newSubscription + and oldSubscription, the user agent must run the following steps:
pushsubscriptionchange, which does not bubble, is not cancelable, and has no
+ default action.
newSubscription attribute of event to
+ newSubscription.
oldSubscription attribute of event to
+ oldSubscription.
+ - This algorithm ensures that the Service Worker is able to react to any - non-destructive change in a push subscription, such as an automatic refresh, - without causing any active push subscription to be terminated prematurely. A - Service Worker can request a new push subscription during this process and - ensure that no push messages are lost. +
+ Consider using a more reliable synchronization mechanism such as [[WEB-BACKGROUND-SYNC]] + when sending the details of the new push subscription to your + application server. The user might be subject to unreliable network conditions that + could cause a fetch to fail.
+ +
+ dictionary PushSubscriptionChangeInit : ExtendableEventInit {
+ PushSubscription newSubscription = null;
+ PushSubscription oldSubscription = null;
+ };
+
+ [Constructor(DOMString type, optional PushSubscriptionChangeInit eventInitDict), Exposed=ServiceWorker]
+ interface PushSubscriptionChangeEvent : ExtendableEvent {
+ readonly attribute PushSubscription? newSubscription;
+ readonly attribute PushSubscription? oldSubscription;
+ };
+
+
+ The newSubscription attribute contains the details of the
+ push subscription that is valid per invocation of the pushsubscriptionchange
+ event. The value will be null when no new push subscription could be
+ established, for example because the webapp has lost express permission.
+
+ The oldSubscription attribute contains the details of the
+ push subscription that SHOULD NOT be used anymore. The value will be
+ null when the user agent is not able to provide the full set of
+ details, for example because of partial database corruption.
+