Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add permissions policy integration #214

Closed
marcoscaceres opened this issue Sep 15, 2021 · 1 comment · Fixed by #193
Closed

Add permissions policy integration #214

marcoscaceres opened this issue Sep 15, 2021 · 1 comment · Fixed by #193
Labels
pr193 New Web Monetization Specification Proposal

Comments

@marcoscaceres
Copy link
Contributor

The spec is currently somewhat unclear about the role of iframe and how web monetization works with third-party contexts.

It should be possible for embedded iframes to be monetized, but also restriction monetization to first-party iframes. Then we can just use permissions policy to enable payments for third-parties.

In other words/html:

<iframe allow="monetization" src="https://remote.com"></iframe>
@marcoscaceres
Copy link
Contributor Author

Note that this might also be a breaking change. Are we allowing monetization by default in third-party iframes? That seems somewhat risky, as it means that embedded third party content could start collecting money unbeknownst to the first party origin.

This was referenced Nov 29, 2021
Closed
Closed
Merged
@AlexLakatos AlexLakatos added the pr193 New Web Monetization Specification Proposal label Dec 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
pr193 New Web Monetization Specification Proposal
Projects
None yet
Milestone
No milestone
2 participants
@AlexLakatos @marcoscaceres