Re: [w3c/payment-handler] Add CanMakePaymentEvent and AbortPaymentEvent. (#170) from adamroach on 2017-07-28 (public-webpayments-specs@w3.org from July 2017)

From: adamroach <notifications@github.com>
Date: Fri, 28 Jul 2017 22:53:17 +0000 (UTC)
To: w3c/payment-handler <payment-handler@noreply.github.com>
Cc: webpayments-specs <public-webpayments-specs@w3.org>, Comment <comment@noreply.github.com>
Message-ID: <w3c/payment-handler/pull/170/c318779874@github.com>

@ianbjacobs -- That seems pretty unsatisfying, as answers go, as it leaks private information by default and requires users to take action (which presumably makes their payment handlers work less effectively?) to protect it. That's backwards from how we design every other privacy-impacting web feature. If this behavior is present, it needs to be opt-in and handled the same as other permissions (like geolocation and camera access). In particular, this means that payment handlers need to be able to work _well_ without the mechanism, which would seem to require keeping the capabilities information in place.

-- 
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-handler/pull/170#issuecomment-318779874

Received on Friday, 28 July 2017 22:53:45 UTC