stpeter commented on this pull request.
> @@ -3325,6 +3323,49 @@ <h2>
<h2>
Security Considerations
</h2>
+ <section class="informative">
+ <h2 id="sec-enhancements">
+ Mechanisms to enhance security
+ </h2>
+ <p>
+ This specification includes a number of mechanisms to enhance the
+ security of the API:
+ </p>
+ <ul data-link-for="PaymentRequest">
+ <li>The <a>PaymentRquest</a>'s <a>show()</a> method needs to
+ <a>triggered by user activation</a>. This reduces content's ability
Should we point to https://html.spec.whatwg.org/multipage/interaction.html#activation here?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-request/pull/683#pullrequestreview-96342451