Re: [w3c/payment-request] Add hasEnrolledInstrument() (#833) from Danyao Wang on 2019-02-15 (public-webpayments-specs@w3.org from February 2019)

From: Danyao Wang <notifications@github.com>
Date: Fri, 15 Feb 2019 22:03:46 +0000 (UTC)
To: w3c/payment-request <payment-request@noreply.github.com>
Cc: webpayments-specs <public-webpayments-specs@w3.org>, Comment <comment@noreply.github.com>
Message-ID: <w3c/payment-request/pull/833/review/204458443@github.com>

danyao commented on this pull request.



> +          <li>Let <var>request</var> be the <a>PaymentRequest</a> object on
+          which the method was called.
+          </li>
+          <li>If <var>request</var>.<a>[[\state]]</a> is not "<a>created</a>",
+          then return <a>a promise rejected with</a> an
+          "<a>InvalidStateError</a>" <a>DOMException</a>.
+          </li>
+          <li data-tests=
+          "payment-request/payment-request-hasenrolledinstrument-method-protection.https.html">
+          If <var>checkForInstruments</var> is true, optionally, at the
+          <a>top-level browsing context</a>'s discretion, return <a>a promise
+          rejected with</a> a "<a>NotAllowedError</a>" <a> DOMException</a>.
+            <p class="note" data-link-for="PaymentRequest">
+              This allows user agents to apply heuristics to detect and prevent
+              abuse of the <a>hasEnrolledInstrument()</a> method for
+              fingerprinting purposes, such as creating <a>PaymentRequest</a>

Done.

-- 
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-request/pull/833#discussion_r257406270

Received on Friday, 15 February 2019 22:04:09 UTC