Re: [w3c/webpayments-method-identifiers] feat: rewrite all the things (#35) from Marcos Cáceres on 2017-04-27 (public-webpayments-specs@w3.org from April 2017)

From: Marcos Cáceres <notifications@github.com>
Date: Thu, 27 Apr 2017 01:06:40 -0700
To: w3c/webpayments-method-identifiers <webpayments-method-identifiers@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/webpayments-method-identifiers/pull/35/review/35041180@github.com>

marcoscaceres commented on this pull request.



>          </p>
       </section>
     </section>
     <section>
       <h2>
+        Security consideration
+      </h2>
+      <p>
+        The URLs relied upon by this specification are only expected to be used
+        by APIs, or internally by the user agent. As such, there is no
+        expectation that URLs defined in this specification would ever be
+        rendered or passed around by end-users. However, in the off-chance that
+        they are, implementers need to be aware of the <a data-cite=
+        "!URL#security-considerations">security considerations</a> from the
+        [[!URL]] specification.

You are right. Can definitely write this "as the world is today" - where there are no known instances of these URLs being rendered. Will fix.  

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments-method-identifiers/pull/35#discussion_r113637017

Received on Thursday, 27 April 2017 08:07:34 UTC