- From: Marco Colli <notifications@github.com>
- Date: Mon, 20 Dec 2021 13:06:32 -0800
- To: w3c/push-api <push-api@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 20 December 2021 21:06:44 UTC
I am really curious about this... However I can't think of any real word scenario where P2P web push can be used. A user would share his endpoint directly with other users, but **notifications are associated to a domain name!** (and to its authority, permissions, etc.). A random user that receives the endpoint of another user can: 1. share the endpoint with the world 2. someone can send phishing or any other dangerous content to that user ... And the domain displayed (that will be probably blocked by antivirus, etc) is the domain. I don't think that your reasoning can be applied to real world applications, but only to demo applications. -- Reply to this email directly or view it on GitHub: https://github.com/w3c/push-api/issues/303#issuecomment-998269009 You are receiving this because you are subscribed to this thread. Message ID: <w3c/push-api/issues/303/998269009@github.com>
Received on Monday, 20 December 2021 21:06:44 UTC