Reference W3C HTML for allowpaymentrequest definition #359
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sideshowbarker
added a commit
to whatwg/html
that referenced
this pull request
Dec 5, 2016
The `allowpaymentrequest` attribute is used by the Payment Request API to determine if Document objects in an `iframe` element's browsing context are to be allowed to make payment requests. Closes w3c/payment-request#311 See also w3c/payment-request#359
This was referenced Dec 5, 2016
zcorpan
reviewed
Dec 5, 2016
| without this attribute set). | ||
| When an <a><code>iframe</code></a> element has an | ||
| <a><code>allowpaymentrequest</code></a> attribute, and does not | ||
| have any ancestor <a><code>iframe</code></a> element without an |
There was a problem hiding this comment.
This seems wrong. This reads like it's talking about ancestor the DOM concept. But you should hook into "allowed to use" instead, which handles nested browsing contexts. See Fullscreen.
There was a problem hiding this comment.
hook into "allowed to use" instead, which handles nested browsing contexts
Thanks, see 4f59cf9, which attempts that.
zcorpan
reviewed
Dec 5, 2016
| requests</a>, then <a>throw</a> a <a>SecurityError</a>. | ||
| nested <a>browsing context</a>'s <a>browsing context container</a> is | ||
| an <a><code>iframe</code></a> element whose <a>node document<a> is | ||
| not allowed to use the feature indicated by attribute name |
zcorpan
suggested changes
Dec 5, 2016
| nested browsing context is not <a>allowed to make payment | ||
| requests</a>, then <a>throw</a> a <a>SecurityError</a>. | ||
| nested <a>browsing context</a>'s <a>browsing context container</a> is | ||
| an <a><code>iframe</code></a> element whose <a>node document</a> is |
There was a problem hiding this comment.
So if it's not an iframe (e.g. it's frame/object/embed), it wouldn't throw. That's bad. Remove iframe check here I think.
There was a problem hiding this comment.
Do we plan to allow nested frame/object/embed to use PaymentRequest? I thought not.
There was a problem hiding this comment.
No. But the current text would allow that.
There was a problem hiding this comment.
Remove
iframecheck here I think.
OK, removed in 681837d
| @@ -343,8 +343,11 @@ | |||
| <li>If the <a>browsing context</a> of the script calling the | |||
| constructor is a <a>nested browsing context</a> whose origin is | |||
There was a problem hiding this comment.
I think this PR should be blocked on fixing these issues:
#324
#332
Agreed. Though I wasn’t sure that this PR itself was the right place to fix those. I guess I imagined this PR branch could be rebased once those fixes got made. But I suppose we could instead make the changes on this branch as part of this PR.
sideshowbarker
added a commit
to whatwg/html
that referenced
this pull request
Dec 5, 2016
w3c/payment-request#359 was updated to hook into “allowed to use” (like Fullscreen does) in place of the special “allowed to make payment requests” term the Payment Request had defined on its own instead. So this change replaces reference to “allowed to make payment requests” with “allowed to use the `PaymentRequest` interface to make payment requests” (just using similar language as for the `allowfullscreen` case).
sideshowbarker
added a commit
to w3c/html
that referenced
this pull request
Dec 6, 2016
The `allowpaymentrequest` attribute is used by the Payment Request API to determine if Document objects in an `iframe` element's browsing context are to be allowed to make payment requests. See w3c/payment-request#311 See also w3c/payment-request#359
sideshowbarker
changed the title
stevefaulkner
pushed a commit
to w3c/html
that referenced
this pull request
Dec 6, 2016
The `allowpaymentrequest` attribute is used by the Payment Request API to determine if Document objects in an `iframe` element's browsing context are to be allowed to make payment requests. See w3c/payment-request#311 See also w3c/payment-request#359
Following whatwg/html#2133, which adds the definition of the <iframe> `allowpaymentrequest` attribute to the HTML spec, this change updates the Payment Request API to reference HTML for that definition of `allowpaymentrequest` from HTML. See also #311
adrianba
force-pushed
the
allowpaymentrequest-move-to-html
branch
from
681837d
to
056e9f4
Compare
zcorpan
pushed a commit
to whatwg/html
that referenced
this pull request
Dec 19, 2016
The `allowpaymentrequest` attribute is used by the Payment Request API to determine if Document objects in an `iframe` element's browsing context are to be allowed to make payment requests. See w3c/payment-request#311 w3c/payment-request#359
arronei
pushed a commit
to arronei/html
that referenced
this pull request
Apr 17, 2017
The `allowpaymentrequest` attribute is used by the Payment Request API to determine if Document objects in an `iframe` element's browsing context are to be allowed to make payment requests. See w3c/payment-request#311 See also w3c/payment-request#359
alice
pushed a commit
to alice/html
that referenced
this pull request
Jan 8, 2019
The `allowpaymentrequest` attribute is used by the Payment Request API to determine if Document objects in an `iframe` element's browsing context are to be allowed to make payment requests. See w3c/payment-request#311 w3c/payment-request#359
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Following w3c/html#743, which adds the definition of the
<iframe>allowpaymentrequestattribute to W3C HTML, this change updates the W3C Payment Request API to reference W3C HTML for that definition ofallowpaymentrequestfrom W3C HTML.See also #311