LGTM1

On Wed, Sep 14, 2022 at 8:05 AM Rouslan Solomakhin <rous...@chromium.org> wrote:
> Contact emails
> rous...@chromium.org, smcgr...@chromium.org
>
> Summary
>
> PaymentInstruments <https://w3c.github.io/payment-handler/#paymentinstruments-interface> is the Web API that backs non-JIT install of payment apps (see https://w3c.github.io/payment-handler/). It was designed with the assumption that the browser would store the actual payment instrument details, which has not turned out to be true, and has some privacy leaks. It also has not shipped on any other browser, nor have we seen any interest from other browser vendors. As such, we are interested in deprecating and removing the API.
>
> Blink component
> Blink>Payments <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPayments>
>
> Motivation
>
> The PaymentInstruments.set() method allows an attacker website to store arbitrary data, which can later be retrieved via PaymentInstruments.get(), potentially in a third-party context. For example, the user visits https://tracker.example, which generates and stores a UUID for that user via PaymentInstruments.set(key, UUID). Later, the user visits https://site.example, which opens an iframe for https://tracker.example. That iframe calls PaymentInstruments.get(key) and can retrieve the UUID, thus allowing https://tracker.example to know which user it is. Given the lack of uptake in PaymentInstruments.set(), versus the more common JIT-install path, as well as the overly powerful nature of the API, we propose to remove PaymentInstruments entirely. (PaymentInstruments was designed with the belief that the browser would know about individual payment methods (e.g., credit cards) rather than payment apps, hence the need to store/retrieve arbitrary information.)
>
> TAG review status
> Not applicable
>
> Risks
>
> Interoperability and Compatibility
>
> *Gecko*: Does not implement the Payment Handler API.
> *WebKit*: Does not implement the Payment Handler API.
> *Web developers*: No signals
>
> *Other signals*: Metrics of API usage show little to no uptake (< 0.00010 % page loads)
> PaymentInstruments - https://chromestatus.com/metrics/feature/timeline/popularity/4229
> PaymentInstruments.clear - https://chromestatus.com/metrics/feature/timeline/popularity/4230
> PaymentInstruments.delete - https://chromestatus.com/metrics/feature/timeline/popularity/4231
> PaymentInstruments.get - https://chromestatus.com/metrics/feature/timeline/popularity/4232
> PaymentInstruments.has - https://chromestatus.com/metrics/feature/timeline/popularity/4233
> PaymentInstruments.keys - https://chromestatus.com/metrics/feature/timeline/popularity/4234
> PaymentInstruments.set - https://chromestatus.com/metrics/feature/timeline/popularity/4235
>
> WebView application risks
> Payment Handler API is not implemented in WebView.
>
> Debuggability
>
> Standard DevTools debugging.
>
> Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
> Yes - https://wpt.fyi/results/payment-handler/payment-instruments.https.html
>
> Requires code in //chrome?
> False
>
> Tracking bug
> https://crbug.com/1327265
>
> Launch bug
> https://crbug.com/1363633
>
> Estimated milestones
>
> Would like to remove in M108.
>
> Link to entry on the Chrome Platform Status
> https://chromestatus.com/feature/5099285054488576
>
> This intent message was generated by Chrome Platform Status <https://chromestatus.com/>.
>
> --
> You received this message because you are subscribed to the Google Groups "blink-dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org.
> To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAMMzaWGzus%3DU48U06m-gk7_2G6Wnhn59UJXLi9xW9uz5%2BEWQuA%40mail.gmail.com.
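As an added illustration of the storage semantics behind the leak in the Motivation above (this is example code written for this page, not part of the thread and not Chromium's implementation), the model below keeps PaymentInstruments-style entries in a store bucketed by origin alone and replays the scenario from the intent: an identifier written while tracker.example is the top-level page is readable again from a tracker.example iframe embedded under site.example. It goes one step beyond the text by placing a store bucketed by (top-level site, origin), the usual storage-partitioning mitigation, beside it for contrast. The hostnames, key name and identifier are constructed sample values; the class and function names are this example's own.

```javascript
// Added illustration, not code from the thread or from Chromium. It models
// the storage semantics behind the leak in the Motivation: a key/value
// store bucketed by origin alone is readable from any embedding context,
// so an embedded frame can recover an identifier written during an earlier
// top-level visit. A store bucketed by (top-level site, origin), the
// standard storage-partitioning mitigation, is shown beside it for
// contrast. Hostnames, the key name and the identifier are constructed
// sample values; the class and function names are this example's own.

// Models PaymentInstruments.set()/get()/has()/delete()/keys()/clear():
// entries live in a bucket chosen by _bucket(ctx), where ctx describes the
// frame making the call (its own origin and the top-level site it sits in).
class PerOriginStore {
  constructor() { this.buckets = new Map(); }

  // Bucket by origin only: the same entries are visible no matter which
  // top-level site embeds that origin. This is the behaviour the intent
  // describes.
  _bucket(ctx) { return ctx.origin; }

  _entries(ctx) {
    const id = this._bucket(ctx);
    if (!this.buckets.has(id)) this.buckets.set(id, new Map());
    return this.buckets.get(id);
  }

  set(ctx, key, details) { this._entries(ctx).set(key, details); }
  get(ctx, key) { return this._entries(ctx).get(key); }
  has(ctx, key) { return this._entries(ctx).has(key); }
  delete(ctx, key) { return this._entries(ctx).delete(key); }
  keys(ctx) { return [...this._entries(ctx).keys()]; }
  clear(ctx) { this._entries(ctx).clear(); }
}

// Same interface, but the bucket also carries the top-level site, so
// tracker.example embedded under site.example reads a different bucket
// than tracker.example visited directly.
class PartitionedStore extends PerOriginStore {
  _bucket(ctx) { return `${ctx.topLevelSite}|${ctx.origin}`; }
}

const TRACKER = 'https://tracker.example'; // constructed
const SITE = 'https://site.example';       // constructed
const KEY = 'instrument-1';                // constructed instrument key

// Replays the scenario from the Motivation against a store and reports
// whether the identifier written on the first-party visit is readable
// from the embedded frame later.
function simulateCrossSiteRead(store, identifier = 'constructed-uuid-0001') {
  // Visit 1: tracker.example is the top-level page and writes an identifier
  // disguised as instrument details.
  const topLevelVisit = { topLevelSite: TRACKER, origin: TRACKER };
  store.set(topLevelVisit, KEY, { name: identifier });

  // Visit 2: site.example embeds tracker.example in an iframe, which reads
  // the same key from its own origin's store.
  const embeddedFrame = { topLevelSite: SITE, origin: TRACKER };
  const details = store.get(embeddedFrame, KEY);
  const recovered = details ? details.name : undefined;

  return { stored: identifier, recovered, reidentified: recovered === identifier };
}

// Per-origin: the embedded frame recovers the identifier (reidentified: true).
// Partitioned: the embedded frame sees an empty bucket (reidentified: false).
console.log('per-origin :', simulateCrossSiteRead(new PerOriginStore()));
console.log('partitioned:', simulateCrossSiteRead(new PartitionedStore()));
```

The point of the contrast is that the leak is a property of the bucketing, not of the payment-specific method names: any origin-keyed store exposed to third-party frames behaves like `PerOriginStore`, and the intent's chosen fix is to remove the store rather than re-key it.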