
Issue 807523

Starred by 3 users

Issue metadata

Status: Fixed
Owner:
Not on Chrome anymore
Closed: May 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 1
Type: Bug
Team-Security-UX




Notifications for google maps show even though set to blocked

Reported by i...@ecnepsnai.com, Jan 31 2018

Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36

Steps to reproduce the problem:
1. Sign in to Google account
2. Browse to google maps once
3. Block "www.google.ca", "maps.google.com", and turn off notifications in maps settings

What is the expected behavior?
No notifications

What went wrong?
Still getting notifications

Did this work before? N/A 

Chrome version: 63.0.3239.132  Channel: stable
OS Version: 10.0
Flash Version: 

Clicking "Manage Maps Notifications" takes me to google maps, where I can see "Contribution Ideas" are disabled.
 
Attachments: Capture.PNG (318 KB), Capture2.PNG (14.3 KB)
Labels: Needs-Triage-M63
Cc: krajshree@chromium.org
Components: -UI UI>Notifications
Labels: Needs-Feedback Triaged-ET
Unable to reproduce the issue on Win-10 using chrome latest stable #64.0.3282.168 and latest canary #66.0.3350.0.

Following are the steps followed to reproduce the issue.
------------
1. Signed in to Google account
2. Browsed to google maps once
3. Blocked "www.google.ca", "maps.google.com", and turned off notifications in maps settings.
4. Did not observe any notifications.

ian@ - Could you please check the issue on latest stable #64.0.3282.168 by creating a new profile without any apps and extensions, and please let us know if the issue still persists or not.
The latest chrome builds can be downloaded from the below URL:
https://www.chromium.org/getting-involved/dev-channel

Thanks...!!

Comment 3 by i...@ecnepsnai.com, Mar 4 2018

This issue still happens (just happened this morning) on Version 64.0.3282.186 (Official Build) (64-bit)
Project Member

Comment 4 by sheriffbot@chromium.org, Mar 4 2018

Labels: -Needs-Feedback
Thank you for providing more feedback. Adding the requester to the cc list.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: Needs-Feedback
Unable to reproduce the issue on latest chrome stable# 65.0.3325.181 using Windows-10 with steps mentioned below:
1) Launched chrome, signed into Google and opened Google Maps
2) Blocked "www.google.ca", "maps.google.com", and turned off notifications in maps settings
3) Didn't observe any notifications from Google Maps

@Reporter: Try to test this by creating new person with no apps and extensions in it, you can also test the issue on latest chrome stable and let us know if the issue still persists. You can download chrome stable from URL: https://www.chromium.org/getting-involved/dev-channel

Thanks!
Components: Internals>Permissions>CrowdConsent UI>Browser>SiteSettings
Labels: -Pri-2 Pri-1
Status: Untriaged (was: Unconfirmed)
This issue seems to discuss two issues -
1. Chrome still allows notifications to be shown even though the user has blocked the notifications.
2. Google Maps still sends notifications, even though the user disabled them at the Google Maps settings.

1 is reproducible for me as well. See the screenshot from another user (warning, the domain seems to be of some porn website/service).
2 is unrelated to Chrome and should be reported to Google Maps using a "Send feedback" feature of Google Maps.

The screenshot is of a push notification (the website was not open), which means it used a service worker and thus it is the exact same origin (in the blocked notification list and in the notification), as HTTPS is required for service workers.

This is a very serious issue as websites (or dubious websites, like porn, or advertisements) can spam people despite being supposedly blocked, after they were given a permission by mistake. Even if this can happen only for a short time (it showed up minutes after the notification was blocked), it is still a serious issue.
Attachment: blocked-notifications-still-show-up.png (77.1 KB)
Chrome 66.0.3359.139 (Official Build) (64-bit) (cohort: 66_139_win)

Comment 8 by phistuck@gmail.com, May 4 2018

Note - I even unregistered all of the related service workers for any non-legitimate domains, including the domain of the notification. The notifications keep showing up.
I verified that there are no extensions installed to that effect.

Comment 9 by na...@chromium.org, May 4 2018

phistuck@, please can you provide your exact repro steps, thanks!
Cc: awdf@chromium.org
Components: Privacy
#9 - no, I really cannot, it was not my computer and I did not permit those notifications myself (I hardly do on my computer and now I have a good reason not to permit).
That user apparently did permit notifications and the notifications appear even when the user has explicitly blocked that domain.

Comment 12 by awdf@chromium.org, May 10 2018

Owner: peter@chromium.org
Status: Assigned (was: Untriaged)
I think the issue is that when users block via the 'Add' button in chrome://settings/content/notifications , if the site already has permission 'allowed' on port 443, blocking the site without a port specified (or with port '*') will not revoke the allowal on port 443. 

peter@ - is this intended behaviour?

Steps to repro:

1. Navigate to https://tests.peter.sh/notification-generator/
2. Grant notification permission
3. Go to chrome://settings/content/notifications
4. Add 'https://tests.peter.sh' to the blocked list via the 'Add' button which provides a free-form text box.

Observed results:
- https://tests.peter.sh:443 still appears under the 'Allow' list
- Typing 'Notification.permission' in the devtools console on https://tests.peter.sh/notification-generator/ returns 'allowed' and notifications can still display.
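
The override behaviour described in comment 12, as a small model added here (not Chromium's content-settings code and not part of the original thread). It assumes a rule list in which an explicit-port entry takes precedence over a port-less one; all function names are hypothetical.

```javascript
// Simplified model of a site-permission list; NOT Chromium's content-settings code.
// A rule is { scheme, host, port, setting }; port '*' stands for "no port specified".
const DEFAULT_PORT = { https: '443', http: '80' };
// Parse a free-form entry such as 'https://tests.peter.sh' or 'https://tests.peter.sh:443'.
function parsePattern(text) {
  const m = /^(https?):\/\/([^/:]+)(?::(\d+|\*))?\/?$/.exec(text.trim());
  if (!m) throw new Error(`unsupported pattern: ${text}`);
  return { scheme: m[1], host: m[2].toLowerCase(), port: m[3] || '*' };
}

// Assumed precedence: among matching rules, an explicit port beats '*'.
function effectiveSetting(rules, pageUrl) {
  const u = new URL(pageUrl);
  const scheme = u.protocol.slice(0, -1);
  const port = u.port || DEFAULT_PORT[scheme];
  const hits = rules.filter(r => r.scheme === scheme && r.host === u.hostname &&
                                 (r.port === '*' || r.port === port));
  hits.sort((a, b) => (a.port === '*') - (b.port === '*'));
  return hits.length ? hits[0].setting : 'ask';
}

// Behaviour reported in comment 12: the new entry is appended, the old one stays.
function addRuleNaive(rules, text, setting) {
  return [...rules, { ...parsePattern(text), setting }];
}

// Alternative: a new entry replaces every existing entry it covers for that site.
function addRuleOverriding(rules, text, setting) {
  const p = parsePattern(text);
  const covered = r => r.scheme === p.scheme && r.host === p.host &&
                       (p.port === '*' || r.port === p.port);
  return [...rules.filter(r => !covered(r)), { ...p, setting }];
}

// Audit: sites whose entries disagree (for example allow on :443, block on '*').
function conflictingSites(rules) {
  const bySite = new Map();
  for (const r of rules) {
    const key = `${r.scheme}://${r.host}`;
    bySite.set(key, (bySite.get(key) || new Set()).add(r.setting));
  }
  return [...bySite].filter(([, s]) => s.size > 1).map(([site]) => site);
}

// Constructed state: permission granted earlier, stored with an explicit port.
const granted = [{ scheme: 'https', host: 'tests.peter.sh', port: '443', setting: 'allow' }];
const PAGE = 'https://tests.peter.sh/notification-generator/';
console.log(effectiveSetting(addRuleNaive(granted, 'https://tests.peter.sh', 'block'), PAGE));
console.log(effectiveSetting(addRuleOverriding(granted, 'https://tests.peter.sh', 'block'), PAGE));
```

In this model the appended block entry leaves the page on 'allow', while the overriding variant yields 'block'; `conflictingSites` flags the first list as having both settings for one site.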

Comment 13 by peter@chromium.org, May 10 2018

Cc: msramek@chromium.org f...@chromium.org
Components: -Internals>Permissions>CrowdConsent UI>Browser>Permissions
Owner: bauerb@chromium.org
I don't know. It's definitely not clear to users - there will effectively be two content setting entries this way, one with an explicit port, one with an implied port, describing the same setting.

+content setting owners for their view

Comment 14 by peter@chromium.org, May 10 2018

Cc: peter@chromium.org
Labels: -OS-Windows

Comment 15 by phistuck@gmail.com, May 10 2018

#12 - it was not the issue in the case of the user I mentioned, because I have explicitly removed it from their allowed list and added it to their blocked list, as well as unregistered the service worker.
(The user no longer gets notifications, but it took about a day to apply, or maybe a browser restart, which is not user friendly at all)

Comment 16 by i...@ecnepsnai.com, May 10 2018

I'm still experiencing this issue, although I haven't been able to pin down the exact timing of when the notification happens. It's always right after I open chrome after I've booted my computer (I shut it down each night). I'd estimate that it shows up about once every month, and it's always the same notification as seen in my screenshot.

Comment 17 by awdf@chromium.org, May 11 2018

Ian, does 'https://www.google.ca:443' still appear under Allow if you go to chrome://settings/content/notifications - as it did in your original screenshot in this bug description? 

If so then blocking it from there should fix the issue.

Comment 18 by i...@ecnepsnai.com, May 15 2018

#17 - Looks like you're right, I've blocked notifications from https://www.google.ca:443 as it was set to allow.

This notification is highly misleading, but now it looks like this is a Google Maps issue and not an issue with Chromium. I think I was confused because it's a Google Maps notification but it's sent from google.ca.

Thank you for your help, this issue can be closed.

Comment 19 by awdf@chromium.org, May 18 2018

Status: Fixed (was: Assigned)
Thanks for checking, Ian. Closing the issue as the original issue as reported has been resolved.

I have split out Issue 844410 ('Adding a site setting manually for 'foo.com' does not override existing settings for 'foo.com:443''), as described in #12, which I think was the cause of the confusion in your case, into a separate bug for the Content Settings team, and copied the relevant people from this ticket there.

@phistuck: I agree the report you describe sounds worrying, but I'm afraid we can't do much without further information. Will keep an eye out for any similar reports that are not caused by Issue 844410.

Comment 20 by phistuck@gmail.com, May 18 2018

@awdf - what further information do you need? Exact steps? I guess the user simply allowed notifications, but I will try to re-allow notifications for that site and see if they come back and not go away when I block them again.

A few questions, though -
1. Can you at least look at the code paths to see if those content settings are the sole gatekeeper for allowing/blocking notifications from a website?

2. When I block a website from showing notifications, does it revoke its push subscriptions at the push server level? If not, does that mean the website can waste my bandwidth (granted, less than 1 KB per message, but still) even though Chrome would not show me the notifications?
(I think it should revoke the push subscriptions)
