-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add "Validate Methods Algorithm" #197
Conversation
I've created this pull request to solicit comments on the outlined approach for using Payment Method Identifier and Payment Method Manifest specs in here. Please let me know what you think. I will be getting some implementation experience in the coming weeks and will report back. |
Thanks @rsolomakhin, this proposal relates to my security question: Ian |
74f684d
to
e465566
Compare
@ianbjacobs wrote:
I've addressed this issue in this pull request by checking whether Payment Method Manifest spec is implemented. In this case, payment handlers can use all standardized payment method identifiers, but as for URL-based payment method identifiers, the origin of the identifier must be equal to the origin of the service worker registration scope URL. |
1eba40e
to
e194a96
Compare
@ianbjacobs wrote:
I've explicitly added a check for such failure. |
ee0def2
to
423bf68
Compare
Validate the payment method identifiers that a service worker can use depending on their validity and the corresponding payment method manifests.
423bf68
to
5c124be
Compare
Please be sure to provide WPT tests along with all PRs. |
Looks like PMM spec already has this algorithm. What we need to say in the PH spec is that |
Validate the payment method identifiers that a service worker can use
depending on their validity and the corresponding payment method
manifests.