Hi Rouslan,
Usage is indeed low - do we have any reason to believe there are
consumers of this API who have disabled telemetry, i.e. maybe in
enterprise contexts? And do we know how these few sites who are using
the API... are using the API? Does any real-world usage show up in HTTP
Archive?
thanks,
Mike
On 9/14/22 8:55 AM, Chris Harrelson wrote:
LGTM1
On Wed, Sep 14, 2022 at 8:05 AM Rouslan Solomakhin
<rous...@chromium.org> wrote:
Contact emails
rous...@chromium.org, smcgr...@chromium.org
Summary
PaymentInstruments
<https://w3c.github.io/payment-handler/#paymentinstruments-interface>
is the Web API that backs non-JIT install of payment apps (see
https://w3c.github.io/payment-handler/). It was designed with the
assumption that the browser would store the actual payment
instrument details, which has not turned out to be true, and has
some privacy leaks. It also has not shipped on any other browser,
not have we seen any interest from other browser vendors. As such,
we are interested in deprecating and removing the API.
Blink component
Blink>Payments
<https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPayments>
Motivation
The PaymentInstruments.set() method allows an attacker website to
store arbitrary data, which can later be retrieved via
PaymentInstruments.get() potentially in a third-party context. For
example, the user visits https://tracker.example, which generates
and stores a UUID for that user via PaymentInstruments.set(key,
UUID). Later, the user visits https://site.example, which opens an
iframe for https://tracker.example. That iframe calls
PaymentInstruments.get(key) and can retrieve the UUID, thus
allowing https://tracker.example to know which user it is. Given
the lack of uptake in PaymentInstruments.set(), versus the more
common JIT-install path, as well as the overly powerful nature of
the API, we propose to remove PaymentInstruments entirely.
(PaymentInstruments was designed with the belief that the browser
would know about individual payment methods (e.g., credit cards)
rather than payment apps, hence the need to store/retrieve
arbitrary information.)
TAG review status
Not applicable
Risks
Interoperability and Compatibility
/Gecko/: Does not implement the Payment Handler API.
/WebKit/: Does not implement the Payment Handler API.
/Web developers/: No signals
/Other signals/: Metrics of API usage show little to no uptake (<
0.00010 % page loads)
PaymentInstruments -
https://chromestatus.com/metrics/feature/timeline/popularity/4229
PaymentInstruments.clear -
https://chromestatus.com/metrics/feature/timeline/popularity/4230
PaymentInstruments.delete -
https://chromestatus.com/metrics/feature/timeline/popularity/4231
PaymentInstruments.get -
https://chromestatus.com/metrics/feature/timeline/popularity/4232
PaymentInstruments.has -
https://chromestatus.com/metrics/feature/timeline/popularity/4233
PaymentInstruments.keys -
https://chromestatus.com/metrics/feature/timeline/popularity/4234
PaymentInstruments.set -
https://chromestatus.com/metrics/feature/timeline/popularity/4235
WebView application risks
Payment Handler API is not implemented in WebView.
Debuggability
Standard DevTools debugging.
Is this feature fully tested by web-platform-tests
<https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
Yes -
https://wpt.fyi/results/payment-handler/payment-instruments.https.html
Requires code in //chrome?
False
Tracking bug
https://crbug.com/1327265
Launch bug
https://crbug.com/1363633
Estimated milestones
Would like to remove in M108.
Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5099285054488576
This intent message was generated by Chrome Platform Status
<https://chromestatus.com/>.
--
You received this message because you are subscribed to the Google
Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAMMzaWGzus%3DU48U06m-gk7_2G6Wnhn59UJXLi9xW9uz5%2BEWQuA%40mail.gmail.com
<https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAMMzaWGzus%3DU48U06m-gk7_2G6Wnhn59UJXLi9xW9uz5%2BEWQuA%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google
Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOMQ%2Bw8_gN61x4ijCz_Dz433Lf8B-Vbi0rrtKjUFnXJ1Lw__SQ%40mail.gmail.com
<https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOMQ%2Bw8_gN61x4ijCz_Dz433Lf8B-Vbi0rrtKjUFnXJ1Lw__SQ%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups
"blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/7ccdd62c-2036-9793-05be-643129f44a1b%40chromium.org.