Re: [w3c/webpayments] [Payment Request] Should we allow a "polling" mechanism for websites to not invoke the API if there are no enabled methods (#159) from Nick Shearer on 2016-07-18 (public-payments-wg@w3.org from July 2016)

From: Nick Shearer <notifications@github.com>
Date: Sun, 17 Jul 2016 17:41:16 -0700
To: w3c/webpayments <webpayments@noreply.github.com>
Cc: webpayments <public-payments-wg@w3.org>, Comment <comment@noreply.github.com>
Message-ID: <w3c/webpayments/issues/159/233213619@github.com>

> If the merchant doesn't want the user to be taken down an enrollment path:
>
> They can "poll" the API to see if the user is able to handle the request with their registered apps.

I'm wondering in this scenario what prevents the merchant from simply polling the API constantly with a differing list of registered apps, in an attempt to divulge the registered payment applications a user has. Would I be correct in assuming merchants couldn't invoke this polling until they called show?

---
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/159#issuecomment-233213619

Received on Monday, 18 July 2016 00:42:12 UTC