Re: [w3c/browser-payment-api] Send HTMLIFrameElement.allowPaymentRequest to HTML spec (#311) from Rouslan Solomakhin on 2016-11-17 (public-webpayments-specs@w3.org from November 2016)

From: Rouslan Solomakhin <notifications@github.com>
Date: Thu, 17 Nov 2016 05:37:49 -0800
To: w3c/browser-payment-api <browser-payment-api@noreply.github.com>
Message-ID: <w3c/browser-payment-api/issues/311/261248113@github.com>

This code would live on `evil.com`, so we would show the title, icon, and origin of `evil.com`. Perhaps my language was confusing, because "top-level frame" does not mean the top-most `<iframe>` element on the page. The term "top-level frame" refers to the HTML page that is not inside of any `<iframe>` element.

For example, suppose you load `https://rsolomakhin.github.io/pr/iframe/` into your website by typing that URL into the address bar. The user agent will show the icon, title, and full URL (usually) of `https://rsolomakhin.github.io/pr/iframe/`. Here, `https://rsolomakhin.github.io/pr/iframe/` is the "top-level frame", even though it's not inside of any `<iframe>` element.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/311#issuecomment-261248113

Received on Thursday, 17 November 2016 13:38:25 UTC