- From: Mike West <notifications@github.com>
- Date: Wed, 29 Nov 2017 07:27:50 +0000 (UTC)
- To: w3c/payment-handler <payment-handler@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 29 November 2017 07:28:15 UTC
> But current spec says that the feature is an extension of ServiceWorker and, ultimately, it have no choice but to depend on SW lifetime. I see. In that case, I'm certainly wrong. This would be considered "site data" in Chrome, and would be affected by both the user-facing interface at `chrome://settings/clearBrowserData`, and the `Clear-Site-Data` header. In particular, the latter mechanism is something of a "reset button" for an origin. It sounds like the payment handler mechanism installs code that handles payment requests: it would be surprising if we didn't clear out code that when a site asked us to. Likewise, if the site installs arbitrary, web-accessible code (potentially including identifiers in the source) on a user's machine, it's tough to see why we wouldn't clear it out as part of the "Clear Browsing Data" dialog. +@msramek who might have opinions from a privacy perspective. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/payment-handler/issues/236#issuecomment-347775524
Received on Wednesday, 29 November 2017 07:28:15 UTC