New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resolve with null instead of reject with 'SecurityError' if PaymentRequestEvent.openWindow is opened in a different origin #202
Conversation
@rsolomakhin @ianbjacobs @romandev what you think? |
Also, we can remove step 4. |
Thanks. Why remove step 4 'If the url parsing throws an exception, return a Promise rejected with that exception.'? It looks make sense to keep it. |
Ah, sorry for confusing. I meant step 6: IMHO, for consistency, we should resolve null instead of rejecting with SecurityError. |
It makes sense to me, I removed that check, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me. Please add a link to the relevant Service Worker algorithm in the commit description:
index.html
Outdated
<li>If <var>url</var>'s origin is not the same as the <a>service | ||
worker</a>'s origin associated with the payment handler, return a <a> | ||
Promise</a> rejected with a <a>SecurityError</a>. | ||
</li> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should keep this check, as well, but we can return null
for consistency. This check is to make sure that service worker fromhttps://bobpay.xyz
does not try to show a page from https://alicepay.xyz
. This can be checked synchronously, so there's no need to wait until the page opens.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://bobpay.xyz can do window.location.href = 'https://alicepay.xyz' immediately, so with this check we still can not prevent it happen.
My understanding is that we no need to do any origin related check (if it is user triggered) for openWindow.
The returned "The WindowClient interface of the ServiceWorker API represents the scope of a service worker client that is a document in a browser context, controlled by an active worker."
If the window is opened, redirected or navigated out of the origin, then the service worker has no control of it. We can not find that window through Clients.matchAll.
Make sense?
Great, thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm2
… as the service worker w3c/payment-handler#202 Bug: 755474 Change-Id: Iee7df4e8f6cf54404be4e74ec2ab5e2401723ac8 Reviewed-on: https://chromium-review.googlesource.com/615362 Reviewed-by: Rouslan Solomakhin <rouslan@chromium.org> Commit-Queue: Ganggui Tang <gogerald@chromium.org> Cr-Commit-Position: refs/heads/master@{#494411}
In the openWindow algorithm 14.1, the window is opened at that point, looks make no sense to reject with "SecurityError".
This is also how Clients.openWindow works for service work.