marcoscaceres commented on this pull request. > </p> + <ol class="algorithm"> + <li>Let <var>url</var> be the result of running the <a>URL parser</a> + on <var>input</var>. + </li> + <li>If failure, <a>throw</a> a <code>TypeError</code> exception. + </li> + <li>If running <a>potentially trustworthy URL</a> with <var>url</var> Thanks @zkoch for the pointer. As Anne states at the end of #9, the overloading of this URL as an identifier AND a resource could become a real issue. @domenic, crazy thought... but what if, to enable payment manifests, a developer instead had to serve the link relationship (instead of bobpay): So, `https://merchant.com/checkout`: ```HTTP Link: <https://bobpay.com/manifest>; rel="payment-method-manifest"; pmi="https://bobpay.com" ``` Then, so long as `Link` and referenced PMI are same origin, then "https://bobpay.com/manifest" can be fetched. This also has the benefit of allowing prefetching of the manifests. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments-method-identifiers/pull/35#discussion_r113851847
Received on Friday, 28 April 2017 04:48:14 UTC