Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add "Validate Methods Algorithm" #197

Closed
wants to merge 1 commit into from
Closed

Add "Validate Methods Algorithm" #197

wants to merge 1 commit into from

Conversation

rsolomakhin
Copy link
Collaborator

Validate the payment method identifiers that a service worker can use
depending on their validity and the corresponding payment method
manifests.

@rsolomakhin
Copy link
Collaborator Author

I've created this pull request to solicit comments on the outlined approach for using Payment Method Identifier and Payment Method Manifest specs in here. Please let me know what you think. I will be getting some implementation experience in the coming weeks and will report back.

@ianbjacobs
Copy link
Contributor

Thanks @rsolomakhin, this proposal relates to my security question:
w3c/payment-method-manifest#11

Ian

@rsolomakhin rsolomakhin force-pushed the supported-origins branch 2 times, most recently from 74f684d to e465566 Compare August 3, 2017 15:21
@rsolomakhin
Copy link
Collaborator Author

@ianbjacobs wrote:

The browser implements Payment Request API but not Payment Method Manifest

I've addressed this issue in this pull request by checking whether Payment Method Manifest spec is implemented. In this case, payment handlers can use all standardized payment method identifiers, but as for URL-based payment method identifiers, the origin of the identifier must be equal to the origin of the service worker registration scope URL.

@rsolomakhin rsolomakhin force-pushed the supported-origins branch 2 times, most recently from 1eba40e to e194a96 Compare August 3, 2017 15:34
@rsolomakhin
Copy link
Collaborator Author

@ianbjacobs wrote:

The browser implements Payment Method Manifest, but there is a failure of some
sort (related to fetching, parsing, or ingesting the manifest file).

I've explicitly added a check for such failure.

@rsolomakhin rsolomakhin force-pushed the supported-origins branch 2 times, most recently from ee0def2 to 423bf68 Compare August 3, 2017 15:40
@rsolomakhin
Add "Validate Methods Algorithm"
5c124be 
Validate the payment method identifiers that a service worker can use
depending on their validity and the corresponding payment method
manifests.
@ianbjacobs ianbjacobs mentioned this pull request Aug 10, 2017
Merged
@marcoscaceres
Copy link
Member

Please be sure to provide WPT tests along with all PRs.

@rsolomakhin
Copy link
Collaborator Author

Looks like PMM spec already has this algorithm. What we need to say in the PH spec is that
when the browser matches payment method manifest origin against the payment app origin, it uses the payment handler scope URL origin.

@rsolomakhin rsolomakhin deleted the supported-origins branch August 28, 2017 19:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rsolomakhin @ianbjacobs @marcoscaceres