- From: crowgames <notifications@github.com>
- Date: Wed, 01 Apr 2020 07:08:23 -0700
- To: w3c/payment-request <payment-request@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 1 April 2020 14:08:37 UTC
In my Masters' thesis, I found a set of issues with the Web Payment APIs (see #903 for further reference). This is one of the mentioned issues. It is important that a user agent does not allow for a change of payment handler/method during a retry of a payment request (see #882). Sadly the specification is not very clear concerning that fact. The payment handler of a pymen request is selected in the 8th step of the _user accepts the payment request algorithm_. > Let _handler_ be the payment handler selected by the user. This 8th step corresponds to a selection that the user performs. In the retry mechanism, the _user accepts the payment request algorithm_ is executed a second time. This time the 8th step does not correspond to a payment handler that the user chooses, but to the earlier selected payment handler. This differentiation is vital since if a second selection of the user is possible, it introduces a possibility of charging a user in one transaction repeated times (depending on the payment handler implementation - see #882). Since this misinterpretation did already happen in earlier implementation of the Chromium project, a clarification of the spec should take place in my opinion. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/payment-request/issues/904
Received on Wednesday, 1 April 2020 14:08:37 UTC