- From: ianbjacobs <notifications@github.com>
- Date: Thu, 16 Apr 2020 14:56:00 -0700
- To: w3c/payment-handler <payment-handler@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 16 April 2020 21:56:15 UTC
@ianbjacobs commented on this pull request.
> @@ -2445,6 +2445,22 @@ <h2>
</li>
</ul>
</section>
+ <section>
+ <h2>
+ User Awareness about Sharing Data Cross-Origin
+ </h2>
+ <ul>
+ <li>By design, a payment handler from one origin shares data with
+ another origin (e.g., the merchant site).
+ </li>
+ <li>It is important that user agents make clear to users the origin
+ of a payment handler.
+ </li>
+ <li>User agents should help users understand that they are sharing
Hi @danyao,
What level of detail do you think is practical? Some examples (verbiage illustrative only):
- Level 0: You are sharing personal information with <origin> for this transaction.
- Level 1: You are sharing address and contact information with <origin> for this transaction.
- Level 2: You are sharing the following with <origin>:
<specific address>
<specific contact information>
Ian
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-handler/pull/366#discussion_r409871469
Received on Thursday, 16 April 2020 21:56:15 UTC