Forgot your password?
typodupeerror
Firefox Mozilla Programming The Internet

Firefox's Web Push Notification System Announced 132

Posted by Soulskill
from the convergent-alert-evolution dept.
eldavojohn writes "Describing Notifications as 'somewhere between email and IM,' Mozilla has announced this push technology as a way to receive notifications from websites without having to keep them open in your browser — as well as receiving them on your mobile device. A JavaScript API reveals early interface ideas by the team. This core concept is not new — both Google and Apple have their own push notification systems for Android and iOS respectively. However, 'It's important to note that this push notification system is distinct from the existing desktop notification mechanisms that are already defined in pending standards. The desktop notifications that websites like GMail and Seesmic Web display to Chrome users, for example, will only work when the website is left open in a tab. Mozilla's push notification system moves beyond that limitation.' Mozilla is attempting to take push notifications to the entire web for any website to use."
This discussion has been archived. No new comments can be posted.

Firefox's Web Push Notification System Announced

Comments Filter:
  • WebSlices (Score:5, Interesting)

    by Anonymous Coward on Friday February 03, 2012 @04:11PM (#38919867)

    Microsoft did this with WebSlices in Internet Explorer 8.

    http://msdn.microsoft.com/en-us/library/windows/desktop/cc956158%28v=vs.85%29.aspx

    As you can tell from how prominent they are, this idea really took off among web users.

    • Re:WebSlices (Score:5, Informative)

      by Anaerin (905998) on Friday February 03, 2012 @04:30PM (#38920109)
      IE may have introduced it in IE8, but Netscape (Remember them?) introduced it in 1995 in NS1.1, and it's supported in every browser except IE: http://en.wikipedia.org/wiki/Push_technology#HTTP_server_push [wikipedia.org]
      • by yelvington (8169)

        No. This is not HTTP server push. Has nothing to do with HTTP server push. Has nothing to do with Web Slices, either. This is more like dynamically assigned micro-mailboxes for message passing. Read the docs.

      • by obsess5 (719497)
        I used to use server-push in a custom Tcl-based web server back in the 1990s. Early versions of Opera supported server-push, but then it was dropped in later versions. Too bad because it was a nice technique at the time.
  • by Anonymous Coward on Friday February 03, 2012 @04:11PM (#38919869)

    It's like we're fighting with ourselves though. "I really love these web apps, but I really wish they weren't web apps"

    • if i had seen you comment before i posted, i would have modded you up - you pretty much nailed it there
    • by Anonymous Coward

      the reason people love web apps is because they don't fuck up your computer. visit 100 web apps use them all free, close your browser. Next time you open it, good as new.

      Good luck installing 100 real applications on Windows or Mac and getting anything like usability out of it.

      • by aix tom (902140)

        On the other hand, the more web apps you get at the more different browsers diversify into different features, the more you get the "This web app only works on $browser from $version to $version, and that on only from $browser from $version to $version."

        We already have some of those problems with about 10 web Apps in out INTRAnet, where we have perfect control over both the server AND the web browser the users use.

        The more web Apps start to interact with each other, and the more they interact with the local

        • by gbjbaanb (229885)

          you've already got this problem with desktop apps, though not as bad as it is with current browsers (and definitely not as bad as with past browsers)

          At the moment, install a .NET app on a 100 desktops and you'll see 1 or 2 fail with errors, possibly due to a different number of updates installed, sometimes due to GAC or registry issues with other modules being/not being installed.

          My current issue is with a .NET app that doesn't run on my box (at all) because I'm on Win 7 sp1 and that has an ADO interface ch

      • by wzzzzrd (886091)

        the reason people love web apps is because they don't fuck up your computer.

        Get an operating system then.

  • Im not opposed (Score:5, Interesting)

    by james_van (2241758) on Friday February 03, 2012 @04:11PM (#38919871)
    but i feel like we're back in the late 90's/early 2000's with all the different web technologies from different companies, almost to the point of having to add the old "best viewed in derp derp browser" messages to websites. i know this sort of thing is necessary to move things along, but i kinda hate this limbo phase where we have all kinds of new/interesting/exciting/annoying technologies, and no standards yet to bring them together. that's my rant, ill be quiet now.
    • Re:Im not opposed (Score:5, Interesting)

      by arose (644256) on Friday February 03, 2012 @04:32PM (#38920143)

      You're looking too far ahead. The bleeding edge basically has to be this way to hammer out the problems before proposing the standard. On the other hand quite a few new/interesting/exciting/annoying technologies have been drafted together and implemented across the board. Or are things moving so fast that stuff like canvas, that is barely starting to see production adoption, doesn't qualify anymore?

      TL;DR It only seems like The Browser Wars because it's easy to pick out the incompatibilities.

    • by migla (1099771)

      but i feel like we're back in the late 90's/early 2000's with all the different web technologies from different companies, almost to the point of having to add the old "best viewed in derp derp browser" messages to websites. i know this sort of thing is necessary to move things along, but i kinda hate this limbo phase where we have all kinds of new/interesting/exciting/annoying technologies, and no standards yet to bring them together. that's my rant, ill be quiet now.

      You have got a point.

      But, if we look at this from the perspective of freedom-power-to-the-underdog and assume Mozilla is all for that, then there was much rejoicing. I am under the impression that Mozilla is in it for the benefit of all us little common people. Therefore, this, whatever it is, and even if MS allready did it, is presumably a good thing. Somebody correct me if I'm wrong (is Mozilla not the knight with shiny armpits I assume?).

    • Well in fairness, sometimes this sort of thing just needs to happen. It's frustrating when there's a clear technological winner that isn't being implemented because of some political reason, but often enough there are legitimate reasons why the different browsers aren't happy with a given standard. Over time, improvements get made, problems get settled, new standards come out. Eventually, hopefully, there's a good standard that people can agree with. It takes time, but it's just what needs to happen.

      Wh

      • by hairyfeet (841228)

        If its anything like HTML V5 the "standard" will be fucking useless. Instead of having a brain and setting a free codec as a bare minimum, such as Vorbis or WebM, to where anybody could degrade to that and be assured that the content would play, instead they just left it a generic "video" tag and ended up with Apple being able to slam through H.264 which while it is very obviously the most technologically superior codec, its holding group might a well have as a motto "Pay your $699 license fee, you cocksmok

        • with Apple being able to slam through H.264 which while it is very obviously the most technologically superior codec, its holding group might a well have as a motto "Pay your $699 license fee, you cocksmoking teabaggers!" so you can give up anybody other than the big three (Apple,Google,MSFT) using it.

          Well but here's the problem: First, h264 is (at least arguably) the technologically superior codec. Second, you're paying a licensing fee on h264 for patents, and AFAIK there's still no guarantee that Vorbis or WebM don't infringe on any patents.

          Nobody is claiming patent infringement because they aren't in wide use, and the money isn't really there. If one of them becomes the standard across all kinds of devices, someone might come along and start suing. Now maybe that's just FUD, but it's good enough F

          • by hairyfeet (841228)

            Well in the case of WebM you have an 8000 pound gorilla buying patents like they are going out of style so I'm sure if they went after Google there would be a serious case of the MAD strategy at play, as Google could unleash their patents and lawyers and make things SERIOUSLY bad for MPEG-LA.

            As for what I mean? There are already two browsers FF and Opera, that can't legally play your videos, so any users of those browsers won't be able to use your site. But since those users CAN use flash, why the fuck shou

            • As for what I mean? There are already two browsers FF and Opera, that can't legally play your videos, so any users of those browsers won't be able to use your site.

              Generally speaking, this is no worse or more fragmented than before. On the contrary, you have basically eliminated WMV, Real Media, and you're on your way to being without Flash.

              But since those users CAN use flash, why the fuck should I switch? you're either gonna end up with H.264 for the iShiny and flash for everybody else, or they'll stick with flash and leave the iShiny to GTFO.

              I think you miss the point. That "Flash video" is still H264. The switch has happened. It's just than when you use Flash, you are locking yourself out of a very popular mobile platform while also committing yourself to a proprietary inefficient video player.

              Finally how is Adobe forcing shit? not only can you include their player absolutely free which you can NOT do withH.264

              Again, you're missing something very important. The Flash player is ju

    • The companies that are trying to innovate, the companies that don't want to see *other* companies innovate, or the standardization system that moves at the speed of my grandpa, rocking in his chair while keeping an eye on all these children running around?
    • I still have a copy of Delivering Push [amazon.com] somewhere in the Netherlands ...
  • by Anonymous Coward on Friday February 03, 2012 @04:13PM (#38919899)

    Now if there were only a way to make this syndication Really Simple. [wikipedia.org]

    • Re: (Score:3, Informative)

      by icebraining (1313345)

      That's pull, no push. Pushing is much more efficient.

      • by nschubach (922175)

        Yep, it would be like /. telling you when there's a new story instead of hitting their servers every 2 minutes trying to find out if there are any.

      • by sexconker (1179573) on Friday February 03, 2012 @04:33PM (#38920155)

        That's pull, no push. Pushing is much more efficient.

        A "pull" notification requires the client to poke a server and check for content. This is typically done on a set interval.

        A "push" notification requires an open connection to push content through. The client acts as a server.

        Pushing is only more efficient if you're the server or you have a device with such a shitty battery.
        Desktop and laptop users don't give a flying fuck about the battery use required to poke at a server. The only ones who care are people on phones / tablets / nettops / other fad devices. And they all have "apps".

        The bottom line is that the client should NOT have to maintain a connection the server can inject into.
        It's backwards and retarded behavior for a web browser to maintain open connections to remote servers after a page is closed.
        You might as well just elav the tab open.

        There's a reason why no one uses IE's web slices.

        • by JustSomeProgrammer (1881750) on Friday February 03, 2012 @04:53PM (#38920397)
          A pull notification system is more efficient only if there are updates more frequently than polls. If the updates are very infrequent it gets to be more efficient for pushing. And pushing shouldn't require you to keep a connection open to each site, it should just require you to keep one port open where all push notifications would go. The server would open a connection to that port in order to send the push. Unless pushes are frequent then you might maintain an open connection blah blah blah. At least every push system that I've ever worked with works in this way. Usually results in less traffic since there's never a poll that goes "hey ya got anything yet?"
          • by Anonymous Coward
            Who would control the master push server for the web?
          • Re: (Score:2, Insightful)

            by sexconker (1179573)

            A pull notification system is more efficient only if there are updates more frequently than polls. If the updates are very infrequent it gets to be more efficient for pushing. And pushing shouldn't require you to keep a connection open to each site, it should just require you to keep one port open where all push notifications would go. The server would open a connection to that port in order to send the push. Unless pushes are frequent then you might maintain an open connection blah blah blah. At least every push system that I've ever worked with works in this way. Usually results in less traffic since there's never a poll that goes "hey ya got anything yet?"

            First, you'd have to define efficiency.

            As a non-mobile user, I don't give a flying fuck about how much power or system resources my polls cost me, and I don't give a fuck about the server end (because I'm selfish, because it should be able to handle it, etc.). Efficiency is nothing more than the delay between something existing and me getting it. Polling once a minute is more than fine for everything except emergency notifications, and those all (should) have a dedicated, separate communication channel.

            I'

            • by adolf (21054)

              [much verbiage]

              Your outlook is not unreasonable.

              But here's what I want (for my own valid reasons): Instant updates. Push can do this, while pull cannot (well, without hammering things to the extent that even a selfish bastard like myself would begin to realize that I'm placing undue strain on things while really standing out in someone else's logfile).

              As a consumer, I don't give a flying fuck about security. I've got enough holes by simply connecting my machines with a wide-open egress firewall -- one li

          • by 21mhz (443080)

            And pushing shouldn't require you to keep a connection open to each site, it should just require you to keep one port open where all push notifications would go. The server would open a connection to that port in order to send the push.

            Of course, this works wonderfully in modern day internet, where pretty much every ordinary web client is behind a NAT and/or a firewall of some sort. There are all sorts of ugly solutions to keep that external port open on whatever box controls it (and you are fortunate if there's just one between you and the server), but nothing works as reliably as a TCP connection that is kept alive with periodic pings.

            That said, one connection to take care about all notifications is much better than many web apps doing

        • This system doesn't push directly to the client; your argument is irrelevant.

          • This system doesn't push directly to the client; your argument is irrelevant.

            It absolutely pushes to the client, and the client must maintain an open port (thus functioning as a server for this function) for this to happen.

            • Can you please point out that part in the proposal? As far as I can see, the proposal only specifies the website to Notification Service part, not the part where those notifications are delivered to the user.

              • Can you please point out that part in the proposal? As far as I can see, the proposal only specifies the website to Notification Service part, not the part where those notifications are delivered to the user.

                Are you joking?
                Website -> middle man server -> client devices.

                The middle man exists so they can track statistics, let end users easily manage permissions and devices, and so they can store notification history and push to all devices regardless of when they're reachable.

                Each client device must have an open communcation channel to receive the push notification from the middle man server.

                Or are you suggesting that the proposal is for a service where a website can issue notifications to a server that end

                • Or are you suggesting that the proposal is for a service where a website can issue notifications to a server that ends up NOT delivering them to the intended end user?

                  Of course it delivers them. Doesn't mean it has to deliver them using push over an open connection. In fact, from what I could tell, they considered pushing them to Twitter and email, for example, which aren't necessarily push.

                  So, can you tell me where they specify that the delivery to the client has to be done using push over an open connection?

        • That is an excellent point. I hope it will be easy to turn this off when it comes out in Firefox 13.
      • by Anonymous Coward

        And there already is pushing:
        http://en.wikipedia.org/wiki/PubSubHubbub

  • more spam please! (Score:5, Insightful)

    by HarrySquatter (1698416) on Friday February 03, 2012 @04:13PM (#38919907)

    Yay! A new spam vector!

    • Re: (Score:3, Informative)

      by Anonymous Coward

      Requires your permission first. Get spammed? Revoke permission.

      • by HarrySquatter (1698416) on Friday February 03, 2012 @04:27PM (#38920073)

        Riiight. Because no one will ever find a way to abuse it. No, that never happens.

        • Re:more spam please! (Score:4, Informative)

          by gorzek (647352) <gorzek@gmail.3.1415926com minus pi> on Friday February 03, 2012 @04:32PM (#38920141) Homepage Journal

          Riiiight. Because it couldn't at all be possible to have a settings page like this:

          From which sites do you wish to permit push notifications?
          slashdot.org
          news.google.com
          cnn.com

          No, your browser would have to accept (and display!) every single notification ever sent to you. Makes perfect sense.

          And for each little notification bubble, why couldn't there be a little button? "Don't allow any more notifications from this service." Done.

          It's like saying you just have to deal with spam emails. No, you don't. That's what spam filters, whitelists, etc. are for. This sort of service sounds like it would be whitelist-based to begin with, so anyone who abuses the service can easily be blocked.

          • Because you think people can't be easily tricked into giving permission for this and then it used for spam?

            • by 21mhz (443080)

              Because you think somebody can be tricked into getting spam through this, and is dumb enough to not be able to cut the spammer off, means that the technology is useless for any legitimate purpose?

          • by sexconker (1179573) on Friday February 03, 2012 @04:38PM (#38920221)

            Riiiight. Because it couldn't at all be possible to have a settings page like this:

            From which sites do you wish to permit push notifications?
            slashdot.org
            news.google.com
            cnn.com

            No, your browser would have to accept (and display!) every single notification ever sent to you. Makes perfect sense.

            And for each little notification bubble, why couldn't there be a little button? "Don't allow any more notifications from this service." Done.

            It's like saying you just have to deal with spam emails. No, you don't. That's what spam filters, whitelists, etc. are for. This sort of service sounds like it would be whitelist-based to begin with, so anyone who abuses the service can easily be blocked.

            Sorry, this post cannot be displayed.
            Please make sure you enable cookies, javascript, popups, and ads from yet.another.spamming.and.tracking.domain.from.google.com .

            • by Zan Lynx (87672)

              Sorry, this post cannot be displayed.
              Please make sure you enable cookies, javascript, popups, and ads from yet.another.spamming.and.tracking.domain.from.google.com .

              I use Firebug quite a lot to get around this because I run NoScript. Hello noscript tag or large obnoxious div blocking me from your mostly usable web site. Your visibility is now set to false.

          • by houghi (78078)

            Yes, because that is what I like. Click on accept and/or decline for each website I ever visit and then not know if it actually comes from that site or from a subdomain or from some iframe or ...

            You want to know the updates of a site? Use RSS. Opt-in, not opt-out please.

          • It's like saying you just have to deal with spam emails. No, you don't. That's what spam filters, whitelists, etc. are for.

            Umm... email spam is only kinda half-solved, and that's after throwing millions of dollars at it.

  • Data caps? (Score:5, Funny)

    by mr_lizard13 (882373) on Friday February 03, 2012 @04:14PM (#38919911)
    I fear if they use this to push notifications for each new Firefox release then I'll exceed my data cap.
  • by Xolve (2527602) on Friday February 03, 2012 @04:17PM (#38919965)
    Apart from making browser and email client, Mozilla is contributing a lot to bring more functionality to web. The good thing is that they do it in a very open way. But they lack popular web services to push the features. e.g. Google brought these APIs to Chrome and Gmail implemented them. While how many websites actually honor do not track option is still not known. Mozilla should also try to find collaborations with major web services providers to make the features happen.
    • Since Google has many "archenemies" (microsoft, facebook, etc), mozilla con just "suggest" to them that they use this technology. I belive there's a greater chance of them adopting it than gmail.
      Or maybe not.

  • by Anonymous Coward

    How is this different from PointCast?

    I never really saw the advantage of push technology over lightweight "pull" technology like RSS feeds. And who really wants desktop notifications when they're not using a program meant to read that kind of info? It's not like memory's so starved we have to close all our apps when they're not in use. We do that only when we don't want them bothering us.

  • Are they saying they support at least 32 bytes of information per message? 256 bits of randomness for those random messages? Perhaps I am just missing out on some cool-hip-web2.0-developer terminology here?
  • by janeuner (815461) on Friday February 03, 2012 @04:29PM (#38920099)

    But I guess somebody's paycheck depends on reinventing the wheel?

    http://tools.ietf.org/html/rfc3265 [ietf.org]

  • So who's gonna patent this technology first so they can sue the fuck out of everyone this time ? ps: does it show I got no more faith for this suing business thing anymore ?
  • by Anonymous Coward

    How will this work with dynamic IPs?
    What privacy implications are there if a message intended for me got sent to someone else who now has my IP?

    There'd need to be some sort of system for people to regularly refresh their IP. Opera Unite sort of done this by having their own service which connected to their servers.
    So, basically have the system designed in a way that it automatically refreshes IP to the server for whatever website you are subbed to when the IP is detected as different. (sort of like how th

    • by Obfuscant (592200)

      How will this work with dynamic IPs? What privacy implications are there if a message intended for me got sent to someone else who now has my IP?

      What's even more important is how does this deal with people who are behind NAT or a firewall? I mean, my "browser" can become a "server" by opening a port on my desktop all it wants, nobody from outside is going to be able to connect to it.

      Now, I can open that path through my router if I want to, but what about people who work behind firewalls that can't change anything?

  • Will it even work? (Score:5, Insightful)

    by Todd Knarr (15451) on Friday February 03, 2012 @05:12PM (#38920593) Homepage

    Will it work:

    • When the browser isn't running?
    • When the machine's behind a NATing router that isn't configured for port forwarding or a DMZ?
    • When the machine's behind a firewall that blocks all incoming connections that aren't associated with an outbound connection?

    If it can't, then we're going to be able to use it how again?

      • When the browser isn't running?
      • When the machine's behind a NATing router that isn't configured for port forwarding or a DMZ?
      • When the machine's behind a firewall that blocks all incoming connections that aren't associated with an outbound connection?

      It's a problem on the host side too... the origin IP will be hidden by the firewall and/or load balancer. There are some workarounds, but will your infrastructure department support them? And can you get the workaround to play nice with your developer tools / website SDK's / vendor products / etc. that have come to depend on this push feature?

      • Replying to myself now that I've read the protocol. Their design isn't an issue for the host, because it is the client that determines the callback URL.

        To make the spec viable*, it seems like you would need a third party service (possibly run by Mozilla or Verizon, Sprint, etc.) that your browser would talk with to get internet-visible callback URL's for. The service would aggregate your notifications, and you'd either poll for them periodically or maintain an always-on TCP/IP connection. It requires muc

    • by emj (15659)

      Yes it will, basically

      1. the website ask for permision
      2. the webbrowser asks the user
      3. the user says Sure post you notifications to my notification URL http://example.com/my-notes [example.com]
      4. user checks http://example.com/my-notes [example.com] for notifications
      5. the website pushes notifications to the notification URL
      6. user checks http://example.com/my-notes [example.com] for notifications
      7. user checks http://example.com/my-notes [example.com] for notifications
      8. user checks http://example.com/my-notes [example.com] for notifications
      9. user checks http://example.com [example.com]

      • by Obfuscant (592200)

        3. the user says Sure post you notifications to my notification URL http://example.com/my-notes [example.com]

        So just where is this user's 24/7 webservice going to be running, that can accept this "push" content? You haven't solved the problem, you've just hidden it behind a URL.

        6. user checks http://example.com/my-notes [example.com] for notifications

        So it really is pull, just written with the letters 'p', 'u', 's' and 'h'?

        If I want to check a URL for content, why not just check the URL directly?

      • by Todd Knarr (15451)

        If they're doing that, why don't I just query the website directly using, oh, I don't know, their RSS feed?

  • by Anonymous Coward

    Is there a reason why they don't use an already available and open standard like XMPP (wich BTW could also replace RSS)?
    http://xmpp.org/about-xmpp/technology-overview/pubsub/

  • People have been trying to get this right since at least 1998. The problem is, there is no right. As soon as you have a push channel, websites begin abusing it, and that channel gets shut down. It just can't be done.

  • What, are we finally going to use something besides port 80? Haven't they all been blocked by our ISPs already?
    • by idontgno (624372)

      No, actually, that's the point. That's the technology trend of the 21st Century.

      Every transport, protocol, or presentation which used to be carried over TCP or UDP will now be re-encapsulated and shipped down TCP/80 or TCP/443 with a hip new name.

      Why? Because doing everything in a browser is COOL.

  • What it will be used for:

    Search Kayak.com for tickets to Hawaii in a month.
    Click on a link for the flight you want.
    Get a popup about allowing their "rate advisor".
    Allow it.
    Go back to the Kayak results.
    Click another result from a competitor airline and allow their "rate advisor".
    Get a notification from the first airline that you can save $$ on that flight if you book now.
    Go back to the first airline's website.
    Get a notification from the second airline that you can save $$ on that flight if you book now.
    Compa

  • This is actually a useful idea--I keep at least 6 "app tabs" open in firefox at all times just to see when I get notifications from Gmail, Facebook, Twitter, Google Calendar, Google Voice, etc. A push notification system could give nice in-browser notifications without keeping entire pages loaded into memory.
  • by hey (83763)

    I enjoy code like:

            {url: url}

  • by windcask (1795642)

    Isn't this functionality, to a large extent, provided with a decent RSS reader?

  • I really don't need anything popping up but my Growl http://en.wikipedia.org/wiki/Growl_(software) [wikipedia.org] So push me your notifications, but do it in a standard way. HEX
    • by caspy7 (117545)

      If the protocol becomes accepted/standardized, Growl will probably want to incorporate it.

    • Or libnotify on *nix. Most *nixapps use this to show standardized notifications, and mozilla just caught up the last year or so.

Philogyny recapitulates erogeny; erogeny recapitulates philogyny.

Working...