The Web Applications Working Group (W3C) has published the first public working draft of a Push API.
The new specification, authored by Bryan Sullivan of AT&T and Eduardo Fullea of Telefonica, is for a “Push API” that you could use in a web app to work with application data created on a server.
The API defines how an application server could send data to client-based web apps. The application data is sent as "Push messages" as delivered by "Push services".
The messages would be sent whether or not the web app was active in the browser window, and you could make use of scripts to define how the interaction should take place. The method that a web app would use to interact would either be selected by the browser, or by the user. The user would choose to receive data by selecting a Web Intent Push Service provider.
In most cases where data is sent from an application servers as push messages that are sent to a push server, by a RESTful interface for example. The push server then delivers the message to the user agent associated with the web app. The user agent then delivers the Push message to the web app.
The new API means a web app can ask the user for permission to receive Push messages, along with the permission to give the user agent the info it needs to activate the Push service.
Mozilla is working on a defense platform to automate the handling of security incidents, and to enable the use of incident handlers. Why not create tools for defence - the attackers have plenty!? [ ... ]