Skip to content
This repository has been archived by the owner on Oct 18, 2023. It is now read-only.

Change polyfill to use document.dispatchEvent(...) rather than window.postMessage(...) #1436

Closed
sublimator opened this issue Dec 20, 2020 · 5 comments
Closed

Change polyfill to use document.dispatchEvent(...) rather than window.postMessage(...) #1436

sublimator opened this issue Dec 20, 2020 · 5 comments

Comments

@sublimator
Copy link
Member

sublimator commented Dec 20, 2020
edited
Loading

Coordinate with @wmurphyrd
WICG/webmonetization#137
@wmurphyrd
Copy link

@sublimator does the closed issue mean this change will not be going in?

@sublimator
Copy link
Member Author

@wmurphyrd

Sorry, it made it's way in to 0.0.52 which will be published hopefully next week!

- Reduce <script> injected code to just one [#1254](https://github.com/coilhq/web-monetization-projects/pull/1254) [#1503](https://github.com/coilhq/web-monetization-projects/pull/1503)
- Remove 'unsafe-eval' from CSP in favor of sha256 of singular polyfill [#1542](https://github.com/coilhq/web-monetization-projects/pull/1542)

@wmurphyrd
Copy link

Thanks @sublimator! Does #1542 mean CSP pages will allow the polyfill injection and the separate polyfill will longer be required?

@sublimator
Copy link
Member Author

@wmurphyrd

No, depending on the page's CSP policy ( which seems to take precedence ) you may still need to include the polyfill.
The main benefit is that it's easier for add-ons to get reviewed/published. The Mozilla/FF add-ons store recently questioned our use of 'unsafe-eval' so we responded by removing it and simply listing the hash of the polyfill.

Thanks.

@wmurphyrd
Copy link

@sublimator awesome thanks for explaining. New version of web-monetization-polyfill is published

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sublimator @wmurphyrd