Re: [w3c/payment-request] Add hasEnrolledInstrument() (#833)

danyao commented on this pull request.



> +          <li>Let <var>request</var> be the <a>PaymentRequest</a> object on
+          which the method was called.
+          </li>
+          <li>If <var>request</var>.<a>[[\state]]</a> is not "<a>created</a>",
+          then return <a>a promise rejected with</a> an
+          "<a>InvalidStateError</a>" <a>DOMException</a>.
+          </li>
+          <li data-tests=
+          "payment-request/payment-request-hasenrolledinstrument-method-protection.https.html">
+          If <var>checkForInstruments</var> is true, optionally, at the
+          <a>top-level browsing context</a>'s discretion, return <a>a promise
+          rejected with</a> a "<a>NotAllowedError</a>" <a> DOMException</a>.
+            <p class="note" data-link-for="PaymentRequest">
+              This allows user agents to apply heuristics to detect and prevent
+              abuse of the <a>hasEnrolledInstrument()</a> method for
+              fingerprinting purposes, such as creating <a>PaymentRequest</a>

Done.

-- 
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-request/pull/833#discussion_r257406270

Received on Friday, 15 February 2019 22:04:09 UTC