Closed data-sync-user closed 2 years ago
I understand that the SendTab feature uses the web-push library to VAPID sign the push messages. With the roll out of the new Autopush in Rust canary, the exp field MUST be specified in Numeric format. (e.g.
web-push
exp
{ "sub":"mailto:xyz@example.com", "exp": 1234567890, "aud": "https://updates.push.services.mozilla.com" }
)
While the web-push library generates a numeric by default, it is easy to accidentally introduce a stringified numeric.
Please verify that the generated VAPID assertion that is sent as part of the VAPID Authorization header block contains a numeric value for exp.
┆Issue is synchronized with this Jira Task
➤ Barry Chen commented:
JR Conlin I’ve verified that the web-push library does ensure that the expiration value is an integer.
I understand that the SendTab feature uses the
web-push
library to VAPID sign the push messages. With the roll out of the new Autopush in Rust canary, theexp
field MUST be specified in Numeric format. (e.g.)
While the
web-push
library generates a numeric by default, it is easy to accidentally introduce a stringified numeric.Please verify that the generated VAPID assertion that is sent as part of the VAPID Authorization header block contains a numeric value for
exp
.┆Issue is synchronized with this Jira Task