Re: [w3c/payment-request] Changes resulting from 28 February PING privacy review (#843)

marcoscaceres commented on this pull request.



> +          <a>canMakePayment()</a>;
+          </li>
+          <li>Rate-limiting the frequency of calls to <a>canMakePayment()</a>
+          with different parameters.
+          </li>
+        </ul>
+        <p>
+          For rate-limiting the user agent might look at repeated calls from:
+        </p>
+        <ul>
+          <li>the same effective top-level domain plus one (eTLD+1).
+          </li>
+          <li>the top-level browsing context. Alternatively, the user agent may
+          block access to the API entirely for origins know to be bad actors.
+          </li>
+          <li>for an <a>iframe</a>, the origin of the <a>iframe</a> content.

```suggestion
          <li>from the origin of an <a>iframe</a> or popup window.
```

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-request/pull/843#pullrequestreview-213674150

Received on Tuesday, 12 March 2019 22:05:00 UTC