commit | 115f723900c543655bd4b9993d022be8f7bb54ee | [log] [tgz] |
---|---|---|
author | Rouslan Solomakhin <rouslan@chromium.org> | Tue Aug 01 15:24:38 2017 |
committer | Commit Bot <commit-bot@chromium.org> | Tue Aug 01 15:24:38 2017 |
tree | e7767cb4c1d354d253be29faa978fe5e7326dd05 | |
parent | 3f8482bae3536d32d2f3fcc13ee535b6d277e56b [diff] |
[Payments] canMakePayment() rate limit to iframe + top level origin. Before this patch, if a payment service provider https://checkout.com was being used in iframes for both https://momsshop.com and https://popsshop.com, but with different sets of supported payment methods, then canMakePayment() would be rejected with "NotAllowedError" due to the rate limit on the iframe origin. This patch changes the rate limiting to be based on the concatenation of both iframe and top level origins instead of only iframe origin. After this patch, if a payment service provider https://checkout.com is being used in iframes for both https://momsshop.com and https://bobsshop.com with different sets of supported payment methods, then canMakePayment() will resolve with "true" or "false" according to the user state instead of rejecting with "NotAllowedError". This patch changes behavior for desktop and Android only, because iOS implementation of PaymentRequest does not support iframes. Bug: 742589 Change-Id: I08e15c325fc6027e82be7fddc047312235c82f51 Reviewed-on: https://chromium-review.googlesource.com/591747 Reviewed-by: Mathieu Perreault <mathp@chromium.org> Reviewed-by: mahmadi <mahmadi@chromium.org> Commit-Queue: Rouslan Solomakhin <rouslan@chromium.org> Cr-Commit-Position: refs/heads/master@{#490998}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .