From 467ac72b80017990035a871020af301bbf022d8b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20C=C3=A1ceres?=
Date: Fri, 6 Dec 2019 16:22:33 +1100
Subject: [PATCH 1/5] fix: use new user activation model
---
index.html | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/index.html b/index.html
index 94aa8274..25a6763e 100644
--- a/index.html
+++ b/index.html
@@ -956,11 +956,14 @@
follows:
+ - Let |window:Window| be the [=relevant global object=] of the
+ [=environment settings object/responsible document=].
+
-
- If the method was not triggered by user activation, return
- a promise rejected with with a {{"SecurityError"}}
- {{DOMException}}.
+ If the method was not triggered by transient activation, or
+ the |window|'s transient activation has expired, return [=a
+ promise rejected with=] with a {{"SecurityError"}} {{DOMException}}.
- Let |request:PaymentRequest| be the context object.
@@ -5129,8 +5132,8 @@
To help ensure that users do not inadvertently share sensitive
credentials with an origin, this API requires that PaymentRequest's
- show() method be triggered by user activation (e.g.,
- via a click or press).
+ show() method be triggered by transient activation
+ (e.g., via a click or press).
To avoid a confusing user experience, this specification limits the
From 798f6d79ece4910202feda84cf37d672fadb3e97 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20C=C3=A1ceres?=
Date: Fri, 6 Dec 2019 16:29:17 +1100
Subject: [PATCH 2/5] Some nits
---
index.html | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/index.html b/index.html
index 25a6763e..f3553691 100644
--- a/index.html
+++ b/index.html
@@ -961,9 +961,9 @@
-
- If the method was not triggered by transient activation, or
- the |window|'s transient activation has expired, return [=a
- promise rejected with=] with a {{"SecurityError"}} {{DOMException}}.
+ If the method was not triggered by [=transient activation=], or the
+ |window|'s [=transient activation=] has expired, return [=a promise
+ rejected with=] with a {{"SecurityError"}} {{DOMException}}.
- Let |request:PaymentRequest| be the context object.
@@ -5132,8 +5132,8 @@
To help ensure that users do not inadvertently share sensitive
credentials with an origin, this API requires that PaymentRequest's
- show() method be triggered by transient activation
- (e.g., via a click or press).
+ show() method be triggered by [=transient activation=] (e.g.,
+ via a click or press).
To avoid a confusing user experience, this specification limits the
From 31cb9ae963113390777d4b6726e4610c7a44b537 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20C=C3=A1ceres?=
Date: Fri, 6 Dec 2019 16:39:32 +1100
Subject: [PATCH 3/5] Simplify further
---
index.html | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/index.html b/index.html
index f3553691..a25f6fba 100644
--- a/index.html
+++ b/index.html
@@ -961,9 +961,8 @@
-
- If the method was not triggered by [=transient activation=], or the
- |window|'s [=transient activation=] has expired, return [=a promise
- rejected with=] with a {{"SecurityError"}} {{DOMException}}.
+ If |window| does not have [=transient activation=], return [=a
+ promise rejected with=] with a {{"SecurityError"}} {{DOMException}}.
- Let |request:PaymentRequest| be the context object.
From 80caf3b1534847bf95af4673af3e9500367a7bf0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20C=C3=A1ceres?=
Date: Mon, 9 Dec 2019 22:17:06 +1100
Subject: [PATCH 4/5] Maybe address review feedback
---
index.html | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/index.html b/index.html
index a25f6fba..3770c92c 100644
--- a/index.html
+++ b/index.html
@@ -956,13 +956,11 @@
follows:
- - Let |window:Window| be the [=relevant global object=] of the
- [=environment settings object/responsible document=].
-
-
- If |window| does not have [=transient activation=], return [=a
- promise rejected with=] with a {{"SecurityError"}} {{DOMException}}.
+ If the [=relevant global object=] does not have [=transient
+ activation=], return [=a promise rejected with=] with a
+ {{"SecurityError"}} {{DOMException}}.
- Let |request:PaymentRequest| be the context object.
@@ -5131,8 +5129,8 @@
To help ensure that users do not inadvertently share sensitive
credentials with an origin, this API requires that PaymentRequest's
- show() method be triggered by [=transient activation=] (e.g.,
- via a click or press).
+ show() method be invoked while the relevant {{Window}} has
+ [=transient activation=] (e.g., via a click or press).
To avoid a confusing user experience, this specification limits the
From ca9f2b0ff2da37f88c075d50c2d2d24166f54f09 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20C=C3=A1ceres?=
Date: Wed, 11 Dec 2019 01:26:39 +1100
Subject: [PATCH 5/5] Assocaite relevant global object to *this*
---
index.html | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/index.html b/index.html
index 3770c92c..4361e8ab 100644
--- a/index.html
+++ b/index.html
@@ -958,8 +958,8 @@
-
- If the [=relevant global object=] does not have [=transient
- activation=], return [=a promise rejected with=] with a
+ If the [=relevant global object=] of [=this=] does not have
+ [=transient activation=], return [=a promise rejected with=] with a
{{"SecurityError"}} {{DOMException}}.
- Let |request:PaymentRequest| be the context object.