Re: [w3c/payment-handler] Add CanMakePaymentEvent. (#170) from Marcos Cáceres on 2018-03-13 (public-webpayments-specs@w3.org from March 2018)

From: Marcos Cáceres <notifications@github.com>
Date: Mon, 12 Mar 2018 21:44:28 -0700
To: w3c/payment-handler <payment-handler@noreply.github.com>
Cc: webpayments-specs <public-webpayments-specs@w3.org>, Comment <comment@noreply.github.com>
Message-ID: <w3c/payment-handler/pull/170/review/79439327@github.com>

marcoscaceres commented on this pull request.



> @@ -368,7 +373,7 @@ <h2>
       interface PaymentManager {
         [SameObject] readonly attribute PaymentInstruments instruments;
         [Exposed=Window] static Promise&lt;PermissionState&gt; requestPermission();
-        attribute DOMString userHint;     
+        attribute DOMString userHint;

I'm scared of this... seems easy for developers to screw up and expose too much information, or in an ugly way "****". I'd rather the UA be in charge of masking instrument information.   

> @@ -847,6 +852,163 @@ <h2>
         </section>
       </section>
     </section>
+    <section id="canmakepayment">
+      <h2>
+        Can make payment
+      </h2>
+      <p>

We should add a `<div class="issue" data-number>` here describing the privacy concern. If we can dig up Adam's original comment, maybe we can copy/paste text from there. 

-- 
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-handler/pull/170#pullrequestreview-79439327

Received on Tuesday, 13 March 2018 04:44:50 UTC