Can a Unified Push push server see/read notifications?

Kalcifer@sh.itjust.works · edit-2 19 days ago

Can a Unified Push push server see/read notifications?

Dessalines@lemmy.ml · edit-2 19 days ago

Yes, I believe all the messages are in plain text, and it’s up to the server not to log it.

It is possible to e2ee the message content yourself tho.

Edit: it looks like ntfy.sh specifically keeps messages cached in memory for a few hours befor discarding them. https://docs.ntfy.sh/config/

Kalcifer@sh.itjust.works · 14 hours ago

Isn’t this contradicting the Unified Push spec? It states:

Push message: This is an array of bytes (ByteArray) sent by the application server to the push server. The distributor sends this message to the end user application. It MUST be the raw POST data received by the push server (or the rewrite proxy if present). The message MUST be an encrypted content that follows RFC8291. Its size is between 1 and 4096 bytes (inclusive). [1]

References

Unified Push spec. Unified Push. Accessed: 2024-11-22T05:07Z. https://unifiedpush.org/developers/spec/android/
- “Developers/Specifications/Android”. §“Resources”