Re: [w3c/browser-payment-api] Send HTMLIFrameElement.allowPaymentRequest to HTML spec (#311)

@tommythorsen there are different perspectives on this topic. Even if we display the iframe origin, there's an assumption that the user reads it and understands that there is a different site involved, though I don't think that's a strong assumption to make.  We've done some [research on this topic](https://docs.google.com/presentation/d/1suzMhtvMtA11jxPUdH1jL1oPh-82rTymCnslgR3ehEE). 

We're heading toward a model in Chrome where the top level origin is the one displayed as this is the one the user understands themselves to be on and displaying other origins doesn't necessarily help the user understand what's going on and instead can just add to confusion. The top level origin is the one responsible for delegating access to iframes.

With all that said, I share this purely to give a different perspective on that matter and totally support @ianbjacobs "In general I would leave the UX to implementers." :)

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/311#issuecomment-262107472

Received on Tuesday, 22 November 2016 00:05:41 UTC