-
Notifications
You must be signed in to change notification settings - Fork 304
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
403 (Forbidden) FCM Errors #457
Comments
I haven't heard of this problem before. I think you'll have to file a bug for FCM. |
https://firebase.google.com/docs/reference/fcm/rest/v1/ErrorCode |
I informed Google but they could not analyze my failing tokens. It seems all affected tokens are from April to June 2019. To be confirmed soon. |
Yes, only new tokens are affected. |
pywebpush made some VAPID exp adjustments: web-push-libs/pywebpush#100 They had the same problem. |
@cbratschi @renegadeHomie can you share the code you are using to send the push notifications with web-push? I can check if it could be the same problem as pywebpush, but I doubt it (as far as I can see, we regenerate the expiration on every call to sendNotification). |
Hi @marco-c, We are using an Express service i.e. the module is loaded once and stays in memory. About 10 web pushes are sent a day to about 50k subscribers. We are using 4 child processes to send the pushes as fast as possible. Here is the central part of the push code:
The non-VAPID version is used for old GCM tokens migrated to FCM. Push loop where options points to the array above (array instance is static):
Hope this helps. |
I'm assuming the failing ones are all VAPID ones like you said in the first comment, correct? Could you try running Line 128 in c8bb8b4
|
Yes, these are all VAPID ones, since April 2019. Older tokens seem to work fine. But not all new tokens are affected. Will check the server time now. |
The server time is fine. |
The Java library has issues too: web-push-libs/webpush-java#57 In my opinion this is a Firebase bug but Firebase support does not want to investigate yet. |
For whatever it's worth, I was getting this same 403 Forbidden error and it turned out to be because I was decoding my VAPID keys the wrong way on the client (the library I used didn't understand base64url) so they didn't match the ones on the server. I doubt that this is what's causing your problem but this issue was the top search hit for the error message so hopefully I can help someone else. |
I can confirm sending push notifications doesn't work for FCM using VAPID. Getting 403 each time. I'm on latest Chrome version. EDIT: I have managed to send a notification to Chrome! It turns out, if you send an empty payload, you get a status forbidden for some reason. |
had the same problem, needed to add "https://" before fcm.googleapis.com/fcm/send and it solved the problem |
In our cases the URLs are all HTTPS but fail with 403. Currently 2k of about 74k pushes are failing. The number is now more or less stable. We plan to remove those 2k tokens as expired ones soon. There is no other solution right now. |
I have the same problem, getting 403 Forbidden. I switched back to an older one and it works again. |
I wonder if this is the same as #532. |
I met this problem . I think the reason why you get a 403 Forbidden is that cache file used by serviceWorker does not update in time. |
Are you still seeing this issue? |
We consistently get some 403 errors. These values are from our latest sent batch of push notifications: Host errors:
Format: :: |
NOTE: Please test in a least two browsers (i.e. Chrome and Firefox). This
helps with diagnosing problems quicker.
Setup
Operating System: Linux
Node Version: 11.x
web-push Version: 3.3.4
Problem
Does anyone else have similar issues? Do you discard such failing tokens?
Is this documented anywhere by Google?
Expected
Features Used
Example / Reproduce Case
Other
The text was updated successfully, but these errors were encountered: