This is not a threat model that's unique to PWAs though, nor in any way enabled ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Etheryte on Feb 16, 2023 \| parent \| context \| favorite \| on: Web Push for Web Apps on iOS and iPadOS This is not a threat model that's unique to PWAs though, nor in any way enabled by what's seen here. Installing a PWA is practically equivalent to installing an app and a malicious app or an app that had their OneSignal or similar credentials compromised could do the exact same thing.

diebeforei485 on Feb 17, 2023 [–]

Apple can disable push notifications from a compromised app.

It's unclear if they can do it for a compromised website, which was my question above.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact