Re: [w3c/payment-handler] Security addition (#214)

ianbjacobs commented on this pull request.



> @@ -1861,6 +1862,12 @@
         <h2>
           Payment App Authenticity
         </h2>
+        <ul>
+          <li>The user agent is not required to make available payment handlers

I think there is an expectation that the browser will make available all matching payment apps. This explicitly licenses the browser to exclude payment apps (that would otherwise match) for security reasons.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-handler/pull/214#discussion_r137292527

Received on Wednesday, 6 September 2017 14:55:58 UTC