PWA and Offline

The Web Push Lifecycle Across Expiry, Permission Changes, and Rotation

Manage permission prompts, PushSubscription changes, VAPID keys, 410 deletion, per-device preferences, encrypted payloads, and click routing.

A sound implementation does not ask users to refresh until it works. Each phase has an input, an output, a timeout, and a terminal state. A push subscription is an endpoint plus keys, not a permanent user ID. It rotates or returns 404/410, after which the server removes it and the client reregisters.

Offline UX distinguishes locally available, pending sync, and server-confirmed states. Cache versions, command queues, and conflict resolution belong together or reconnecting amplifies collisions between old actions and new facts.

Define the system contract first

Turn the important choices into durable contracts: validate inputs, assign state ownership, define cleanup, and specify fallback for older peers. Later optimization must not change those semantics.

  • Request permission only after clear value, bind subscription to device preference, carry only event ID and minimal type, and fetch content after verified navigation.
  • Bound every input by size, count, and time, returning a stable actionable error code when a budget is exceeded.
  • Ship conservative defaults, server-side ceilings, and a rollout switch instead of trusting browser-provided numbers as resource budgets.

The delivery standard for The Web Push Lifecycle Across Expiry, Permission Changes, and Rotation is a usable normal path, convergent failures, bounded resources, and a state users can understand. The result is a production capability that can be explained, degraded safely, and rolled back—not a demo that works once.

What can break that contract

Failure and success must share one state model. An error toast that neither releases resources nor propagates a terminal state leaves dirty work for the next recovery attempt.

  • Prompting on first load causes permanent denial, while message bodies in push payloads leak to infrastructure and notification history.
  • Fixing only the UI leaves queues, locks, or expired credentials for the next operation to inherit and fail again.
  • Without backpressure or quota, a slow consumer raises memory, queue depth, and tail latency until unrelated users are affected.

How to test the contract line by line

Build golden cases from known inputs and controlled faults, then align production metrics with those results. Verification extends to production only when signals detect the same degradation early.

  1. Cover allow/deny/default, endpoint rotation, 410, per-device disable, VAPID rotation, and duplicate push; notify once with minimal content and honored preference.
  2. Drive the state machine with reordered, duplicate, and delayed messages, proving stale versions are ignored and explicit stop survives recovery.
  3. Use fault injection to prove alerts precede user reports and operators can locate the failing phase from bounded evidence.

The result must be correct, recoverable, and explainable. If any part depends on refreshing the page or an engineer guessing, the protocol loop remains incomplete.

Put the guide to work

Open uCopy and connect two devices securely from the browser.

Start for free