Re: [w3c/webpayments-payment-apps-api] Multiple payment apps per origin (#98)

If an origin is an installed payment app, and that origin has 10 service worker registrations, which service worker gets the `paymentrequest` event? My understanding is that it'd be the service worker registration that was used in the call to `setManifest` or whatever the registering call is now.

What happens if that service worker registration is unregistered? Is the payment app still installed? My understanding is the payment app would no longer be installed, as it no longer has anywhere to execute code.

If my understanding is correct, there's a very definite 1:1 relationship between the service worker and the payment app.

Don't be distracted by permissions. Just because a permission is origin-level doesn't mean the feature is. Take notifications - the permission is origin level, but there can then be many notifications. Although there's one origin permission, each service worker registration can have its own push registration.

Don't be distracted with "recommended payment apps". As far as I know, no one has been able to define how this could happen without presenting large security issues https://github.com/w3c/webpayments-payment-apps-api/issues/48#issuecomment-274094501.

Don't be distracted by doing work across multiple service workers for a single payment. If the payment app chooses to open a window, it can do so to any page on its origin. That means the page could be controlled by another service worker to the one that owns the payment app registration. However, the payment app is still registered against a particular service worker registration.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments-payment-apps-api/issues/98#issuecomment-280652989