- From: Danyao Wang <notifications@github.com>
- Date: Tue, 10 Sep 2019 19:48:09 -0700
- To: w3c/payment-request <payment-request@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 11 September 2019 02:48:31 UTC
@adrianhopebailie: I haven't thought of this use case as an analogy of https://github.com/w3c/payment-handler/issues/337 so it's cool that you point this out! I see a clear benefit of building on top of the capabilities registration mechanism: this limits the information exchange between merchant and payment handler to well-defined entities (i.e. shipping, contact, total), which is probably good for security. I worry slightly about the capabilities list growing too long over time (which a generic pipe would be simpler) - but it's just a hunch now. I have no use cases to back that up. I think there may still be a legitimate use case where the website needs to know the total before `show()`: e.g. to display the price to the user. Why do you think this has worse privacy property? @ianbjacobs: can you remind me what is the ride sharing $0 total use case? I thought there is usually a cost estimate when starting a ride. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/payment-request/issues/879#issuecomment-530196740
Received on Wednesday, 11 September 2019 02:48:31 UTC