- From: Domenic Denicola <notifications@github.com>
- Date: Wed, 12 Dec 2018 15:55:07 -0800
- To: w3c/payment-handler <payment-handler@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 12 December 2018 23:55:29 UTC
domenic commented on this pull request.
> @@ -1669,6 +1669,15 @@ <h2>
</li>
</ol>
</li>
+ <li>If the security properties of <var>newContext</var> are
It's unclear from @rsolomakhin's text whether insecure HTTP pages are rejected or not. Invalid certificates will fail a navigation, so that would happen before this step.
If the intent is to disallow insecure HTTP, then the wording would be _newContext_'s [active document](https://html.spec.whatwg.org/multipage/browsers.html#active-document)'s [relevant settings object](https://html.spec.whatwg.org/multipage/webappapis.html#relevant-settings-object) is [contextually secure](https://w3c.github.io/webappsec-secure-contexts/#environment-settings-object-contextually-secure).
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-handler/pull/283#discussion_r241228928
Received on Wednesday, 12 December 2018 23:55:29 UTC