- From: Ian Clelland <notifications@github.com>
- Date: Fri, 14 Sep 2018 11:07:06 -0700
- To: w3c/payment-request <payment-request@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 14 September 2018 18:07:28 UTC
@marcoscaceres, that sounds about right; the JS is a bit more complex than that[1], but the details are in the [spec](https://wicg.github.io/feature-policy/#introspection). The only other piece I can think of that's specifically relevant for payment request is supporting *both* feature policy and the original `<iframe allowpaymentrequest>` mechanism. There is some text in [HTML](https://html.spec.whatwg.org/multipage/iframe-embed-object.html#attr-iframe-allowpaymentrequest), but the best description of what to do is in the Feature Policy spec under [Additional attributes to support legacy features](https://wicg.github.io/feature-policy/#iframe-allowpaymentrequest-attribute) and the [Process feature policy attributes](https://wicg.github.io/feature-policy/#process-feature-policy-attributes) algorithm. [1] There's also a `document.policy.allowedFeatures` array which should include `"payment"` when allowed, and a bit of subtlety around `HTMLIFrameElement.policy` to avoid cross-origin info leaks -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/payment-request/issues/600#issuecomment-421439733
Received on Friday, 14 September 2018 18:07:28 UTC