Re: [w3c/payment-request] Spec is silent on its role in facilitating arbitrary communication between top level contexts (#936)

> Reiterating mitigations relied upon by the spec and the purpose they serve, even if documented elsewhere, seems like a generally good idea. I’ve been exploring Chrome’s current implementation (using this site), and it has a fairly lenient interpretation of the mitigations in the draft payment handler spec (seems like a URL based payment request could be fairly quickly made and completed without user interaction aside from an initial click in the web contents area). Understanding the implications of weakening these mitigations (i.e. arbitrary data sharing becomes a bit easier) shouldn’t require piecing together parts of different specs or issue threads.

I agree with this assessment. We enumerated some of these weaknesses in the privacy threat model analysis [1] last year, and identified some mitigations, such as not allowing a payment handler to complete a transaction without user interaction. The next step will be to incorporate those mitigations into the spec.

[1] https://w3c.github.io/webpayments/proposals/privacy-threat-model.html



Received on Thursday, 21 January 2021 16:49:29 UTC