POST /notify?group_id=your_group_id¬ification_id=your_notification_id&ttl=seconds
Submit notifications with JSON data. The optional ttl parameter (Time To Live) specifies how long the notification remains valid. If omitted, a default TTL of 1 hour is used.
GET /ws?group_id=your_group_id
Establish a WebSocket connection to receive notifications for the specified group_id.
Description: This service establishes a WebSocket connection to broadcast notifications in real-time to clients connected to a specific group. Notifications are stored with an associated TTL and delivered in JSON format.
Usage Instructions:
1. Embed this iframe in your main page and set the src attribute to: https://bildirim.live?group_id=yourGroupId&origin=parentOrigin.
2. Listen for postMessage events on your main page. Only process messages where messageType equals "notify"; log a warning for any other message types.
To embed the notification iframe invisibly into your webpage, include the following HTML snippet:
<iframe class="notification-iframe" src="https://bildirim.live?group_id=yourGroupId&origin=yourParentOrigin"></iframe>
Replace yourGroupId with the specific group identifier and yourParentOrigin with the origin of your main page (e.g., https://yourdomain.com).
In order to securely receive notifications from the iframe, add an event listener for message events in your main page. Here is an example of how to implement this:
window.addEventListener('message', function(event) {
// Validate the origin of the message for security purposes
if (event.origin !== "https://bildirim.live" && event.origin !== "https://yourdomain.com") {
console.warn("Received message from untrusted origin:", event.origin);
return;
}
// Check if the message type is 'notify'
if (event.data && event.data.messageType === "notify") {
// Process the notification data
console.log("Received notification:", event.data.messageData);
// Implement your notification handling logic here
} else {
console.warn("Unknown message type received:", event.data);
}
});
Ensure that you replace https://yourdomain.com with your actual domain. This listener verifies the origin of the message and processes only those messages with messageType set to "notify".
origin Parameter
The origin parameter is crucial for secure communication between the iframe and its parent page:
Origin header. This ensures connections are only accepted from trusted sources such as http://127.0.0.1, https://bildirim.live, or secure subdomains (e.g., https://subdomain.bildirim.live).
origin query parameter informs the iframe which parent domain should receive postMessage communications. If the origin parameter is not provided, messages will be sent with the wildcard target ("*"), which is less secure.
In addition to the core notification functionality, the system offers several advanced features:
group_id, allowing targeted delivery. Each notification is stored with a TTL and broadcast in real-time to all connected clients.
POST /notify endpoint, it is immediately sent to all WebSocket clients associated with the relevant group.
"no_notifications" message is sent.