[GH-ISSUE #664] UnifiedPush: Respond with 404/409/... to Mastodon/etc. instead of 507 based on User-Agent #490

New issue

Open

opened 2026-05-07 00:24:42 +02:00 by BreizhHardware · 11 comments

BreizhHardware commented 2026-05-07 00:24:42 +02:00

Owner

Copy link

Originally created by @binwiederhier on GitHub (Mar 8, 2023).
Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/664

Similar to the Matrix Push Gateway change, we should respond to Mastodon/etc. in a way that will make them delete the push subscription.

Mastodon:
github.com/mastodon/mastodon@730bb3e211/app/workers/web/push_notification_worker.rb (L35-L46)

Common-Proxies:
https://github.com/UnifiedPush/common-proxies/blob/main/gateway/matrix.go#L63

/cc FYI @karmanyaahm @p1gp1g

Originally created by @binwiederhier on GitHub (Mar 8, 2023). Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/664 Similar to the Matrix Push Gateway change, we should respond to Mastodon/etc. in a way that will make them delete the push subscription. Mastodon: https://github.com/mastodon/mastodon/blob/730bb3e211a84a2f30e3e2bbeae3f77149824a68/app/workers/web/push_notification_worker.rb#L35-L46 Common-Proxies: https://github.com/UnifiedPush/common-proxies/blob/main/gateway/matrix.go#L63 /cc FYI @karmanyaahm @p1gp1g

BreizhHardware added the

unified-push

server

enhancement

labels 2026-05-07 00:24:42 +02:00

BreizhHardware commented 2026-05-07 00:24:43 +02:00

Author

Owner

Copy link

@p1gp1g commented on GitHub (Mar 8, 2023):

Returning 404 for all non existant UnifiedPush requests (where up=1) will follow UnifiedPush spec and Webpush spec and probably avoid many issues :)

RFC 8030 (Webpush)

A push service MAY expire a subscription at any time. If there are
outstanding requests to an expired push message subscription resource
(Section 6) from a user agent or to an expired receipt subscription
resource (Section 6.3) from an application server, this MUST be
signaled by returning a 404 (Not Found) status code.

UnifiedPush

404

The endpoint does not exist and SHOULD NOT be used anymore. Implementing this is OPTIONAL for both the application server and push server.

<!-- gh-comment-id:1459760556 --> @p1gp1g commented on GitHub (Mar 8, 2023): Returning 404 for all non existant UnifiedPush requests (where up=1) will follow UnifiedPush spec and Webpush spec and probably avoid many issues :) [RFC 8030 (Webpush)](https://www.rfc-editor.org/rfc/rfc8030#section-7.3) > A push service MAY expire a subscription at any time. If there are > outstanding **requests to an expired push message subscription resource** > (Section 6) from a user agent or to an expired receipt subscription > resource (Section 6.3) from an application server, this **MUST be > signaled by returning a 404 (Not Found) status code**. [UnifiedPush](https://unifiedpush.org/spec/server/#404) > 404 > > The endpoint does not exist and SHOULD NOT be used anymore. Implementing this is OPTIONAL for both the application server and push server.

BreizhHardware commented 2026-05-07 00:24:43 +02:00

Author

Owner

Copy link

@p1gp1g commented on GitHub (Mar 17, 2023):

From the discussion in chat:
Maybe returning 404 after some time (12h ?) for the same reasons we chose to do so for matrix ?

<!-- gh-comment-id:1473881887 --> @p1gp1g commented on GitHub (Mar 17, 2023): From the discussion in chat: Maybe returning 404 after some time (12h ?) for the same reasons we chose to do so for matrix ?

BreizhHardware commented 2026-05-07 00:24:43 +02:00

Author

Owner

Copy link

@binwiederhier commented on GitHub (May 23, 2023):

@karmanyaahm @p1gp1g I am inclined to close this, since nobody has complained. The 5xx rates are still high, but I have just learned to live with it ... Thoughts?

<!-- gh-comment-id:1559872570 --> @binwiederhier commented on GitHub (May 23, 2023): @karmanyaahm @p1gp1g I am inclined to close this, since nobody has complained. The 5xx rates are still high, but I have just learned to live with it ... Thoughts?

BreizhHardware commented 2026-05-07 00:24:44 +02:00

Author

Owner

Copy link

@karmanyaahm commented on GitHub (May 25, 2023):

If no one's having noticable problems, it ought to be fine. Still kinda weird it hasn't normalized down though :/

<!-- gh-comment-id:1562915703 --> @karmanyaahm commented on GitHub (May 25, 2023): If no one's having noticable problems, it ought to be fine. Still kinda weird it hasn't normalized down though :/

BreizhHardware commented 2026-05-07 00:24:44 +02:00

Author

Owner

Copy link

@Lastorder-DC commented on GitHub (Jul 7, 2023):

EDITED by @binwiederhier: Removed image containing lots of 507 errors to UP topics. The UP topics are secrets, so I removed the picture.

It keeps happening and increasing.

<!-- gh-comment-id:1625380020 --> @Lastorder-DC commented on GitHub (Jul 7, 2023): _EDITED by @binwiederhier: Removed image containing lots of 507 errors to UP topics. The UP topics are secrets, so I removed the picture._ It keeps happening and increasing.

BreizhHardware commented 2026-05-07 00:24:44 +02:00

Author

Owner

Copy link

@binwiederhier commented on GitHub (Jul 7, 2023):

@Lastorder-DC please censor the picture. Unified Push topics are secrets.

Edit: I took the liberty of removing the image for you.

<!-- gh-comment-id:1625407819 --> @binwiederhier commented on GitHub (Jul 7, 2023): @Lastorder-DC please censor the picture. Unified Push topics are secrets. Edit: I took the liberty of removing the image for you.

BreizhHardware commented 2026-05-07 00:24:44 +02:00

Author

Owner

Copy link

@binwiederhier commented on GitHub (Jul 7, 2023):

This is happening because your server is pushing messages to topics that do not have any subscribers. They are dead topics.

The alternative to returning 507 would be to let them through, but then you'd get rate limited and banned within a matter of minutes. So you can either live with the errors, or manually purge the topics from Mastodon.

I am also ok with pull requests to handle it specifically for Mastodon if there are suggestions.

<!-- gh-comment-id:1625412817 --> @binwiederhier commented on GitHub (Jul 7, 2023): This is happening because your server is pushing messages to topics that do not have any subscribers. They are dead topics. The alternative to returning 507 would be to let them through, but then you'd get rate limited and banned within a matter of minutes. So you can either live with the errors, or manually purge the topics from Mastodon. I am also ok with pull requests to handle it specifically for Mastodon if there are suggestions.

BreizhHardware commented 2026-05-07 00:24:44 +02:00

Author

Owner

Copy link

@Lastorder-DC commented on GitHub (Jul 8, 2023):

@binwiederhier Forgot that. Sorry! (Actually I have sensored them but accidently choose non-sensored version...)

<!-- gh-comment-id:1626859752 --> @Lastorder-DC commented on GitHub (Jul 8, 2023): @binwiederhier Forgot that. Sorry! (Actually I have sensored them but accidently choose non-sensored version...)

BreizhHardware commented 2026-05-07 00:24:44 +02:00

Author

Owner

Copy link

@ShadowJonathan commented on GitHub (Jul 20, 2023):

We're seeing a buildup of push messages to ntfy.sh, presumably to UP. Returning a 4XX code so that the queue is deleted would help a lot, since we're continually getting IP banned by the sheer volume of requests backed up.

Also relevant: https://github.com/mastodon/mastodon/issues/26078

<!-- gh-comment-id:1642965348 --> @ShadowJonathan commented on GitHub (Jul 20, 2023): We're seeing a buildup of push messages to ntfy.sh, presumably to UP. Returning a 4XX code so that the queue is deleted would help a lot, since we're continually getting IP banned by the sheer volume of requests backed up. Also relevant: https://github.com/mastodon/mastodon/issues/26078

BreizhHardware commented 2026-05-07 00:24:45 +02:00

Author

Owner

Copy link

@ShadowJonathan commented on GitHub (Aug 18, 2023):

I've talked with @karmanyaahm about this issue, and the consensus seems to be that, 12h after deletion, nfty should be returning 410s for a given subscription.

<!-- gh-comment-id:1683814515 --> @ShadowJonathan commented on GitHub (Aug 18, 2023): I've talked with @karmanyaahm about this issue, and the consensus seems to be that, 12h after deletion, nfty should be returning 410s for a given subscription.

BreizhHardware commented 2026-05-07 00:24:45 +02:00

Author

Owner

Copy link

@ShadowJonathan commented on GitHub (Aug 18, 2023):

Actually, the .Stale() function will give a better approximation of when to expire.

<!-- gh-comment-id:1683873060 --> @ShadowJonathan commented on GitHub (Aug 18, 2023): Actually, the `.Stale()` function will give a better approximation of when to expire.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

dependabot/npm_and_yarn/web/fast-uri-3.1.2

email-verification

attachment-no-http2

attachment-fixes

attachment-s3

config-generator

postgres-replica

dockers-v2

postgres-support

postgres-webpush+user+message

postgres-webpush+user

postgres-webpush

1364-copy-action

crashfix

user-header

scalar-api-docs

cancel-scheduled

update-available

windows-server

303-update-notifications

postgres

admin-ui

require-login

http-clipboard

message-cache-lock

debian-stripe

predefined-users

busy-timeout

template-dir

ipv6

client-ip-header

apns-fix

feat_optional_require_login

security-updates

pg-message-cache

templating-disallow

templating-3

templating-2

message-size-limit+delay-limit

remove-rate-topics

html-emails

cf-priority

acl-underscores

auth-user-header

markdown

img-attach

web-improvements

utf8-headers

matrix-507-reject

http-response-writer

new-homepage-design

e2e

canary

windows

electron

update-messages

webhook-templating

v2.22.0

v2.21.0

v2.20.1

v2.20.0

v2.19.2

v2.19.1

v2.19.0

v2.18.0

v2.17.0

v2.16.0

v2.15.0

v2.14.0

v2.13.0

v2.12.0

v2.11.0

v2.10.0

v2.9.0

v2.8.0

v2.7.0

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.0

v2.1.2

v2.1.1

v2.1.0

v2.0.1

v2.0.0

v1.31.0

v1.30.1

v1.29.1

v1.29.0

v1.28.0

v1.27.2

v1.27.1

v1.26.0

v1.25.2

v1.25.1

v1.25.0

v1.24.0

v1.23.0

v1.22.0

v1.21.2

v1.21.1

v1.21.0

v1.20.0

v1.19.0

v1.18.1

v1.18.0

v1.17.1

v1.17.0

v1.16.0

v1.15.0

v1.14.1

v1.14.0

v1.13.0

v1.12.1

v1.12.0

v1.11.1

v1.11.2

v1.11.0

v1.10.0

v1.9.0

v1.8.0

v1.7.0

v1.6.1

v1.6.0

v1.5.3

v1.5.2

v1.5.1

v1.5.0

v1.4.8

v1.4.7

v1.4.6

v1.4.5

v1.4.4

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.3.2

v1.3.3

v1.3.1

v1.3.0

v1.2.5

v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.0

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels   

ai-generated

  

android-app

  

android-app

  

android-app

  

🪲 bug

  

build

  

build

  

dependencies

  

docs

  

enhancement

  

enhancement

  

🔥 HOT

  

in-progress 🏃

  

ios

  

prio:low

  

prio:low

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

🔒 security

  

server

  

server

  

unified-push

  

web-app

  

website

No labels

ai-generated

android-app

android-app

android-app

🪲 bug

build

build

dependencies

docs

enhancement

enhancement

🔥 HOT

in-progress 🏃

ios

prio:low

prio:low

pull-request

question

🔒 security

server

server

unified-push

web-app

website

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/ntfy#490

No description provided.