I see... I just wonder if our proposal can contain some mechanism related with secure input. For example, in the proposal, could we suggest Payment Mediator ( the browser) provide an element such as "secure input' (something like <input type="password" secure /> ), which can ensure that malicious processes can't hook the input. And another question is, how does our proposal ensure that malicious scripts/attacks can't get what user types in password box? I mean if malicious scripts is injected into current page, then what if hackers use input.value to get the password? --- Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments/issues/90#issuecomment-184464133Received on Tuesday, 16 February 2016 01:17:19 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:43:14 UTC