Re: [w3c/payment-request] Editorial: use new user activation model (#885) from Marcos Cáceres on 2019-12-10 (public-webpayments-specs@w3.org from December 2019)

From: Marcos Cáceres <notifications@github.com>
Date: Tue, 10 Dec 2019 15:37:11 -0800
To: w3c/payment-request <payment-request@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/payment-request/pull/885/review/330217771@github.com>

marcoscaceres commented on this pull request.



> @@ -956,11 +956,13 @@ <h2>
           follows:
         </p>
         <ol class="algorithm">
+          <li>Let |window:Window| be the [=relevant global object=] of the
+          [=environment settings object/responsible document=].

> You will never be able to allow clicking on the top-level Window to activate a PaymentRequest object that comes from a different-origin iframe, within the current framework.

Oh, um, ok... we might need to check how Stripe and Shopify work (why we have the “allowpaymentrequest” on iframes). That might be a showstopper if they currently depend on this behavior. 

Did the above used to work for other things in old v1 activation model? I seem to recall “triggered by user activation” needing to survive a postMessage() to work with some payment services. 

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-request/pull/885#discussion_r356336201

Received on Tuesday, 10 December 2019 23:37:13 UTC