starred/ntfy

Fork 0

mirror of https://github.com/binwiederhier/ntfy.git synced 2026-05-09 16:35:53 +02:00

[GH-ISSUE #785] iOS App: Push notifications not received for reserved topics with ACL using hosted service #559

New issue

Open

opened 2026-05-07 00:25:25 +02:00 by BreizhHardware · 4 comments

BreizhHardware commented

2026-05-07 00:25:25 +02:00

Owner

Originally created by @protocolist on GitHub (Jun 27, 2023).
Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/785

🐞 Describe the bug
I'm a long time user of the free tier of the hosted product. I receive iOS push notifications for public topics and in general this works very well.

Today I subscribed to the paid tier and added a reserved topic with the ACL preset "I can publish and subscribe, everyone can publish". I signed in to the iOS app with my account.

Push notifications are not received for this new reserved topic by the iOS app. Manually refreshing the notifications in the iOS app causes them to appear. Notifications are received successfully in the web app for these reserved topics.

Upon further testing, this is the behaviour with each of the ACL presets on reserved topics:

"Only I can publish and subscribe" - No push notification
"I can publish and subscribe, everyone can publish" - No push notification
"I can publish and subscribe, everyone can subscribe" - Push notification received
"Everyone can publish and subscribe" - Push notification received

If my reading and understanding is correct, this is not the expected behaviour. If the iOS app is signed in to the appropriate account, shouldn't push notifications be received for all of the above cases?

Please let me know if I can perform any additional testing.

💻 Components impacted
iOS App

💡 Screenshots and/or logs
N/A

🔮 Additional context
Unfortunately this issue completely breaks my use cases for moving to the paid subscription tier (avoiding public consumption of my topics)

Originally created by @protocolist on GitHub (Jun 27, 2023). Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/785 :lady_beetle: **Describe the bug** I'm a long time user of the free tier of the hosted product. I receive iOS push notifications for public topics and in general this works very well. Today I subscribed to the paid tier and added a reserved topic with the ACL preset "I can publish and subscribe, everyone can publish". I signed in to the iOS app with my account. Push notifications are not received for this new reserved topic by the iOS app. Manually refreshing the notifications in the iOS app causes them to appear. Notifications are received successfully in the web app for these reserved topics. Upon further testing, this is the behaviour with each of the ACL presets on reserved topics: "Only I can publish and subscribe" - No push notification "I can publish and subscribe, everyone can publish" - No push notification "I can publish and subscribe, everyone can subscribe" - Push notification received "Everyone can publish and subscribe" - Push notification received If my reading and understanding is correct, this is not the expected behaviour. If the iOS app is signed in to the appropriate account, shouldn't push notifications be received for all of the above cases? Please let me know if I can perform any additional testing. :computer: **Components impacted** iOS App :bulb: **Screenshots and/or logs** N/A :crystal_ball: **Additional context** Unfortunately this issue completely breaks my use cases for moving to the paid subscription tier (avoiding public consumption of my topics)

BreizhHardware added the

🪲 bug

label

2026-05-07 00:25:25 +02:00

BreizhHardware commented

2026-05-07 00:25:25 +02:00

Author

Owner

@binwiederhier commented on GitHub (Jun 27, 2023):

Today I subscribed to the paid tier

I don't have time right now to investigate this. I can likely get to it tomorrow night. I am happy to refund you at any point in time if things are not working right. Just let me know here or on Discord/Matrix/email.

Also: thank you for subscribing to the paid tier!

@binwiederhier commented on GitHub (Jun 27, 2023): > Today I subscribed to the paid tier I don't have time right now to investigate this. I can likely get to it tomorrow night. I am happy to refund you at any point in time if things are not working right. Just let me know here or on Discord/Matrix/email. Also: thank you for subscribing to the paid tier!

BreizhHardware commented

2026-05-07 00:25:25 +02:00

Author

Owner

@protocolist commented on GitHub (Jun 27, 2023):

No worries, I am not in a big hurry, everything is working for public topics as before. I will remain subscribed because I'd like to support the development.

@protocolist commented on GitHub (Jun 27, 2023): No worries, I am not in a big hurry, everything is working for public topics as before. I will remain subscribed because I'd like to support the development.

BreizhHardware commented

2026-05-07 00:25:26 +02:00

Author

Owner

@binwiederhier commented on GitHub (Jun 28, 2023):

I can publish and subscribe, everyone can publish

😱 This is in fact a design flaw, or at least an unhandled case: https://github.com/binwiederhier/ntfy/blob/main/server/server_firebase.go#L174-L184

Background:

If a topic is not readable by "everyone", then we cannot forward the actual message to the Firebase/APNS topic, because anonymous subscribers could be listening to that (could they? 🤔).

The code instead sends a "poll_request" message, which is supposed to instruct the client to manually poll for the message from the topic, and then display the message. Polling for the message would only be possible if the client has access to the topic.

On top of that, the code clearly does not handle iOS at all (note the "APNS" comment), so even if poll_requests are implemented (I think they are!), APNS is not notified, so the iOS device never gets the message.

I am not entirely sure if I have to right, and/or what is implemented in iOS or even Android to handle this case. This would require a bit more digging, and a bit more thinking. It is a serious flaw, and as I said, I am happy to refund your paid plan. Thank you for finding this bug!

@binwiederhier commented on GitHub (Jun 28, 2023): > I can publish and subscribe, everyone can publish :scream: This is in fact a design flaw, or at least an unhandled case: https://github.com/binwiederhier/ntfy/blob/main/server/server_firebase.go#L174-L184 Background: If a topic is not readable by "everyone", then we cannot forward the actual message to the Firebase/APNS topic, because anonymous subscribers could be listening to that (_could they?_ :thinking:). The code instead sends a "poll_request" message, which is supposed to instruct the client to manually poll for the message from the topic, and then display the message. Polling for the message would only be possible if the client has access to the topic. On top of that, the code clearly does not handle iOS at all (note the "APNS" comment), so even if poll_requests are implemented (I think they are!), APNS is not notified, so the iOS device never gets the message. -- I am not entirely sure if I have to right, and/or what is implemented in iOS or even Android to handle this case. This would require a bit more digging, and a bit more thinking. It is a serious flaw, and as I said, I am happy to refund your paid plan. Thank you for finding this bug!

BreizhHardware commented

2026-05-07 00:25:26 +02:00

Author

Owner

@protocolist commented on GitHub (Jun 28, 2023):

Understood, no worries. For better or for worse, I am stuck in the Apple ecosystem, and my phone is the primary device I receive notifications on, so if you eventually figure a way to architect for APNS I would be very eager to hear about it. No refund necessary.

@protocolist commented on GitHub (Jun 28, 2023): Understood, no worries. For better or for worse, I am stuck in the Apple ecosystem, and my phone is the primary device I receive notifications on, so if you eventually figure a way to architect for APNS I would be very eager to hear about it. No refund necessary.