From 465990bc7b5746b31660e71a098440872acd9fc7 Mon Sep 17 00:00:00 2001 From: Adrian Hope-Bailie Date: Mon, 28 Mar 2016 01:01:06 +0200 Subject: [PATCH 1/2] Issue marker requesting security considerations section --- .gitignore | 1 + specs/paymentrequest.html | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..62c89355 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.idea/ \ No newline at end of file diff --git a/specs/paymentrequest.html b/specs/paymentrequest.html index f0734b71..9460b9c2 100644 --- a/specs/paymentrequest.html +++ b/specs/paymentrequest.html @@ -978,6 +978,14 @@

PaymentRequestUpdateEvent

Accept-Language headers, etc.)

+ +

+ The spec should indicate how data might be passed securely through the API using + mechanisms such as field level encryption and message signing. While these may not + be standardised a reference to the payment method specifications would be appropriate + as well as some examples of how those specifcations might implement secure messaging. +

+

Algorithms

From 79375d8190036808b78d8c847729dc90bc20c634 Mon Sep 17 00:00:00 2001 From: Adrian Hope-Bailie Date: Fri, 22 Apr 2016 14:48:35 +0200 Subject: [PATCH 2/2] Removed parameter for complete() Addresses #129 by dropping the algorithm step that passes value to the payment app. As the boolean passed to complete is not used for anything else it has been dropped too. --- specs/paymentrequest.html | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/specs/paymentrequest.html b/specs/paymentrequest.html index 32f625a6..d0970a41 100644 --- a/specs/paymentrequest.html +++ b/specs/paymentrequest.html @@ -754,7 +754,7 @@

ShippingAddress interface

         interface ShippingAddress {
           readonly attribute DOMString regionCode;
-          readonly attribute sequence addressLine;
+          readonly attribute sequence<DOMString> addressLine;
           readonly attribute DOMString administrativeArea;
           readonly attribute DOMString locality;
           readonly attribute DOMString dependentLocality;
@@ -842,7 +842,7 @@ 
PaymentResponse interface

           readonly attribute DOMString methodName;
           readonly attribute object details;
 
-          Promise<void> complete(boolean success);
+          Promise<void> complete();
         };
@@ -866,9 +866,7 @@

PaymentResponse interface

complete()

The complete method must be called after the user has accepted the payment - request and the [[\acceptPromise]] has been resolved. The complete method - takes a boolean argument that indicates the payment was successfully processed if true and - that processing failed if false. Calling the complete method tells the user + request and the [[\acceptPromise]] has been resolved. Calling the complete method tells the user agent that the user interaction is over (and should cause any remaining user interface to be closed).

@@ -885,10 +883,6 @@

complete()

  • Set the value of the internal slot [[\completeCalled]] to true.
  • Return promise and asynchronously perform the remaining steps.
    • -
  • - Pass the value of success to the Payment App that accepted the - payment request. -
  • Close down any remaining user interface.
  • Resolve promise with undefined.