On Thu, Sep 15, 2022 at 9:03 PM Rouslan Solomakhin <[email protected]> wrote:
> Hi Mike, > > > do we have any reason to believe there are consumers of this API who > have disabled telemetry, i.e. maybe in enterprise contexts? > > We don't have any indications that this could be happening. > > > do we know how these few sites who are using the API... are using the > API? Does any real-world usage show up in HTTP Archive? > > Found 2 websites in HTTP Archive: > > 1. A payment app website that also uses a JIT install for payment > handlers. > 2. A payment app website that installs a payment handler when you > visit their home page, but the code looks more like a demo because of > hard-coded strings. > > Would we expect those uses to break? Are they feature detecting the API before using it? > Happy to discuss further. > > Cheers, > Rouslan > > On Wed, Sep 14, 2022 at 12:23 PM Mike Taylor <[email protected]> > wrote: > >> Hi Rouslan, >> >> Usage is indeed low - do we have any reason to believe there are >> consumers of this API who have disabled telemetry, i.e. maybe in enterprise >> contexts? And do we know how these few sites who are using the API... are >> using the API? Does any real-world usage show up in HTTP Archive? >> >> thanks, >> Mike >> >> On 9/14/22 8:55 AM, Chris Harrelson wrote: >> >> LGTM1 >> >> On Wed, Sep 14, 2022 at 8:05 AM Rouslan Solomakhin <[email protected]> >> wrote: >> >>> Contact emails [email protected], [email protected] >>> >>> Summary >>> >>> PaymentInstruments >>> <https://w3c.github.io/payment-handler/#paymentinstruments-interface> >>> is the Web API that backs non-JIT install of payment apps (see >>> https://w3c.github.io/payment-handler/). It was designed with the >>> assumption that the browser would store the actual payment instrument >>> details, which has not turned out to be true, and has some privacy leaks. >>> It also has not shipped on any other browser, not have we seen any interest >>> from other browser vendors. As such, we are interested in deprecating and >>> removing the API. >>> >>> Blink component Blink>Payments >>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPayments> >>> >>> Motivation >>> >>> The PaymentInstruments.set() method allows an attacker website to store >>> arbitrary data, which can later be retrieved via PaymentInstruments.get() >>> potentially in a third-party context. For example, the user visits >>> https://tracker.example, which generates and stores a UUID for that >>> user via PaymentInstruments.set(key, UUID). Later, the user visits >>> https://site.example, which opens an iframe for https://tracker.example. >>> That iframe calls PaymentInstruments.get(key) and can retrieve the UUID, >>> thus allowing https://tracker.example to know which user it is. Given >>> the lack of uptake in PaymentInstruments.set(), versus the more common >>> JIT-install path, as well as the overly powerful nature of the API, we >>> propose to remove PaymentInstruments entirely. (PaymentInstruments was >>> designed with the belief that the browser would know about individual >>> payment methods (e.g., credit cards) rather than payment apps, hence the >>> need to store/retrieve arbitrary information.) >>> >>> TAG review status Not applicable >>> >>> Risks >>> Interoperability and Compatibility *Gecko*: Does not implement the Payment >>> Handler API. >>> *WebKit*: Does not implement the Payment Handler API. >>> *Web developers*: No signals >>> >>> *Other signals*: Metrics of API usage show little to no uptake (< >>> 0.00010 % page loads) >>> PaymentInstruments - >>> https://chromestatus.com/metrics/feature/timeline/popularity/4229 >>> PaymentInstruments.clear - >>> https://chromestatus.com/metrics/feature/timeline/popularity/4230 >>> PaymentInstruments.delete - >>> https://chromestatus.com/metrics/feature/timeline/popularity/4231 >>> PaymentInstruments.get - >>> https://chromestatus.com/metrics/feature/timeline/popularity/4232 >>> PaymentInstruments.has - >>> https://chromestatus.com/metrics/feature/timeline/popularity/4233 >>> PaymentInstruments.keys - >>> https://chromestatus.com/metrics/feature/timeline/popularity/4234 >>> PaymentInstruments.set - >>> https://chromestatus.com/metrics/feature/timeline/popularity/4235 >>> >>> WebView application risks Payment Handler API is not implemented in >>> WebView. >>> >>> Debuggability >>> >>> Standard DevTools debugging. >>> >>> Is this feature fully tested by web-platform-tests >>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>> ? >>> Yes - >>> https://wpt.fyi/results/payment-handler/payment-instruments.https.html >>> >>> Requires code in //chrome? False >>> >>> Tracking bug https://crbug.com/1327265 >>> >>> Launch bug https://crbug.com/1363633 >>> >>> Estimated milestones >>> >>> Would like to remove in M108. >>> >>> Link to entry on the Chrome Platform Status >>> https://chromestatus.com/feature/5099285054488576 >>> >>> This intent message was generated by Chrome Platform Status >>> <https://chromestatus.com/>. >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "blink-dev" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAMMzaWGzus%3DU48U06m-gk7_2G6Wnhn59UJXLi9xW9uz5%2BEWQuA%40mail.gmail.com >>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAMMzaWGzus%3DU48U06m-gk7_2G6Wnhn59UJXLi9xW9uz5%2BEWQuA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOMQ%2Bw8_gN61x4ijCz_Dz433Lf8B-Vbi0rrtKjUFnXJ1Lw__SQ%40mail.gmail.com >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOMQ%2Bw8_gN61x4ijCz_Dz433Lf8B-Vbi0rrtKjUFnXJ1Lw__SQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> >> >> -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAMMzaWH6hkEcc3yx0%3DhP%2Bup7gHw1KeS5KW_hi0YbU9t7oi1yVA%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAMMzaWH6hkEcc3yx0%3DhP%2Bup7gHw1KeS5KW_hi0YbU9t7oi1yVA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfUqELGBnS2E5EQsB%2Bu1z_SQQ58jWAjKqsVpS%3DKtGd%3DO_g%40mail.gmail.com.
