PushManager: supportedContentEncodings static property

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

Note: This feature is available in Web Workers.

The supportedContentEncodings read-only static property of the PushManager interface returns an array of supported content codings that can be used to encrypt the payload of a push message.

User agents must support the aes128gcm content coding defined in RFC 8291, and may also support content codings defined from previous versions of the specification. The returned array is frozen, and may not be modified by the recipient.

The application server requires this coding in order to encrypt push messages for sending to the push server. The coding used for encryption is also included by the app server in the Content-Encoding HTTP header field of each push message.

The specification does not define how the client code should send the application server the supported codings, or the information in the PushSubscription that it also needs in order to encrypt and send a push message. One approach is shown in the examples section below.

Value

An array of strings. This usually contains just one value: "aes128gcm".

Exceptions

TypeError

This is thrown when attempting to set a value in the returned array.

Examples

Sending coding information to the server

Push messages are encrypted on the application server for sending to the push server, and decrypted by the browser before being passed to the application service worker. The public and private keys used are generated by the browser, and only the public key and an associated secret are shared with the web app, and hence the application server. This ensures that push messages remain private as they pass through the push server infrastructure.

The p256dh public key and auth secret used for encrypting the message are provided to the service worker via its push subscription, using the PushSubscription.getKey() method, along with the target endpoint for sending push messages in PushSubscription.endpoint. The coding that should be used for encryption is provided by supportedContentEncodings.

This information may be sent to the application server using any mechanism. One approach is to put the needed information from PushSubscription and supportedContentEncodings into a JSON object, serialize it using JSON.stringify() and post the result to the application server.

js
// Get a PushSubscription object
const pushSubscription = await serviceWorkerRegistration.pushManager.subscribe();

// Create an object containing the information needed by the app server
const subscriptionObject = {
  endpoint: pushSubscription.endpoint,
  keys: {
    p256dh: pushSubscription.getKeys('p256dh'),
    auth: pushSubscription.getKeys('auth'),
  },
  encoding: PushManager.supportedContentEncodings,
  /* other app-specific data, such as user identity */
};

// Stringify the object an post to the app server
fetch(`https://example.com/push/`, {
  method: "post",
  body: JSON.stringify(pushSubscription);
});

Specifications

Specification
Push API
# dom-pushmanager-supportedcontentencodings

Browser compatibility

BCD tables only load in the browser