Blog / web app security / Blurring the web and the app: web push

Blurring the web and the app: web push

If you do nothing else with this article, please click the Bell in the lower right. Thanks!

The web is the great leveller. The great deliverer of information. But, sometime between the early days of a read-only medium, and today, it became the primary application delivery vehicle. And the browser became the operating system.

At first we had simple web forms. You were presented some information, you supplied some information, you hit “Submit”. It worked for signing up to newsletters, but beyond that it was not that great.

Then we had a false start. Java applets, Flash came on the scene, seeking to make the web a delivery for executables. Billions were spent, security was compromised. RIP you evolutionary dead-end.

Now we have a technology called Progressive Web Applications. These behave as a local rich application, but, run in the web. Google Docs is a great example. You use these every day and don’t know. If you have a web-app hybrid you like, there’s a good chance its a PWA. You may hear words like Reactive, Angular, AJAX, etc.

However, one of the challenges was… what if the browser were not open to the page. How would you receive a push notification from something like Email? This is where the Push API came in. It allows a server to efficiently wake up and deliver some data to a sleeping web application. Efficient in battery usage, in network usage.

At Agilicus we use the Web Push for multiple uses. We use it as part of the multi-factor authentication feature in our product (locking a user to a browser, waking it up with a “Was this you logging in”?).

But, we also use it on this very web page to help you know when a new blog post is available. And, you see, because we care, it doesn’t auto-suggest you turn it on. You see that bell in the lower right? Click it. It will ask if you want to Subscribe. Web Push is anonymous, we don’t know who you are. You are in control, you can unsubscribe any time. This is much better than subscribing via email which is neither anonymous nor easy to guarantee unsubscribe.

And yet, like much technology, people don’t understand, and don’t trust, and thus use something worse for them. More people subscribe to this site via email than via webpush.

So, I am hoping you will do two things:

  1. Subscribe to this site using that bell
  2. Use web push subscriptions in the future on sites you trust, and you want to receive updates from

So, give it a try. It won’t bite. I promise.

Leave a Reply

Your email address will not be published.