- From: oldoldb <notifications@github.com>
- Date: Mon, 15 Feb 2016 17:16:45 -0800
- To: w3c/webpayments <webpayments@noreply.github.com>
Received on Tuesday, 16 February 2016 01:17:19 UTC
I see... I just wonder if our proposal can contain some mechanism related with secure input. For example, in the proposal, could we suggest Payment Mediator ( the browser) provide an element such as "secure input' (something like <input type="password" secure /> ), which can ensure that malicious processes can't hook the input. And another question is, how does our proposal ensure that malicious scripts/attacks can't get what user types in password box? I mean if malicious scripts is injected into current page, then what if hackers use input.value to get the password? --- Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments/issues/90#issuecomment-184464133
Received on Tuesday, 16 February 2016 01:17:19 UTC