Re: [w3c/browser-payment-api] Add allowpaymentrequest attribute for iframe support (#268) from adamroach on 2016-09-18 (public-webpayments-specs@w3.org from September 2016)

From: adamroach <notifications@github.com>
Date: Sat, 17 Sep 2016 19:09:01 -0700
To: w3c/browser-payment-api <browser-payment-api@noreply.github.com>
Message-ID: <w3c/browser-payment-api/pull/268/review/466874@github.com>

adamroach commented on this pull request.



> @@ -1111,6 +1106,38 @@ <h2 id="state-transitions" class="informative">State transitions</h2>
 </section>
 
 <section>
+  <h2>PaymentRequest and iframes</h2>
+  <p>
+    There are some circumstances where a cross-origin <a>iframe</a> wants to make a payment
+    request. A cross-origin iframe needs explicit permission from the embedding page to invoke
+    the payment request API.
+  </p>
+  <p>
+    The <a>HTMLIFrameElement</a> is extended with an <dfn><code>allowpaymentrequest</code></dfn>
+    content attribue. <a><code>allowpaymentrequest</code></a> is a <a>boolean attribute</a>.

This isn't really what we've discussed. Unless there was subsequent conversation outside of the issue, the proposal (which didn't have any disagreement) was to extend the already-defined "permissions" attribute with a new "payment" value.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/pull/268#pullrequestreview-466874

Received on Sunday, 18 September 2016 02:09:35 UTC