What did you have in mind in terms of a deprecation timeline? Are you
planning to pipe that through CountDeprecation
<https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/core/frame/deprecation/deprecation.h;l=41?q=deprecation.h&ss=chromium>
to ensure deprecation reporting?

On Tue, Sep 20, 2022 at 4:26 PM Rouslan Solomakhin <rous...@chromium.org>
wrote:

> > Would we expect those uses to break? Are they feature detecting the API
> > before using it?
>
> Partially (for both questions!). In examining the site logic we have found
> that:
>
> Good news:
>
>    1. These websites will correctly fall back to JIT install of payment
>    handlers in the absence of PaymentInstruments. That does not use the
>    PaymentInstruments API and will continue to work as before.
>    2. The websites are feature-detecting the parent PaymentManager
>    interface, registration.paymentManager, which is currently implemented
>    only in Blink.
>
> Bad news:
>
>    1. Once the websites detect the presence of registration.paymentManager,
>    they assume that it has all of the fields present, including
>    registration.paymentManager.instruments. If we remove this instruments
>    field, then there will be some JavaScript errors on these websites. As far
>    as we can tell, these errors are limited in impact and do not affect
>    overall site functionality.
>
>
> On Tue, Sep 20, 2022 at 5:20 AM Yoav Weiss <yoavwe...@chromium.org> wrote:
>
>>
>>
>> On Thu, Sep 15, 2022 at 9:03 PM Rouslan Solomakhin <rous...@chromium.org>
>> wrote:
>>
>>> Hi Mike,
>>>
>>> > do we have any reason to believe there are consumers of this API who
>>> > have disabled telemetry, i.e. maybe in enterprise contexts?
>>>
>>> We don't have any indications that this could be happening.
>>>
>>> > do we know how these few sites who are using the API... are using the
>>> > API? Does any real-world usage show up in HTTP Archive?
>>>
>>> Found 2 websites in HTTP Archive:
>>>
>>>    1. A payment app website that also uses a JIT install for payment
>>>    handlers.
>>>    2. A payment app website that installs a payment handler when you
>>>    visit their home page, but the code looks more like a demo because of
>>>    hard-coded strings.
>>>
>> Would we expect those uses to break? Are they feature detecting the API
>> before using it?
>>
>>
>>> Happy to discuss further.
>>>
>>> Cheers,
>>> Rouslan
>>>
>>> On Wed, Sep 14, 2022 at 12:23 PM Mike Taylor <miketa...@chromium.org>
>>> wrote:
>>>
>>>> Hi Rouslan,
>>>>
>>>> Usage is indeed low - do we have any reason to believe there are
>>>> consumers of this API who have disabled telemetry, i.e. maybe in enterprise
>>>> contexts? And do we know how these few sites who are using the API... are
>>>> using the API? Does any real-world usage show up in HTTP Archive?
>>>>
>>>> thanks,
>>>> Mike
>>>>
>>>> On 9/14/22 8:55 AM, Chris Harrelson wrote:
>>>>
>>>> LGTM1
>>>>
>>>> On Wed, Sep 14, 2022 at 8:05 AM Rouslan Solomakhin <
>>>> rous...@chromium.org> wrote:
>>>>
>>>>> Contact emails rous...@chromium.org, smcgr...@chromium.org
>>>>>
>>>>> Summary
>>>>>
>>>>> PaymentInstruments
>>>>> <https://w3c.github.io/payment-handler/#paymentinstruments-interface>
>>>>> is the Web API that backs non-JIT install of payment apps (see
>>>>> https://w3c.github.io/payment-handler/). It was designed with the
>>>>> assumption that the browser would store the actual payment instrument
>>>>> details, which has not turned out to be true, and has some privacy leaks.
>>>>> It also has not shipped on any other browser, nor have we seen any
>>>>> interest
>>>>> from other browser vendors. As such, we are interested in deprecating and
>>>>> removing the API.
>>>>>
>>>>> Blink component Blink>Payments
>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPayments>
>>>>>
>>>>> Motivation
>>>>>
>>>>> The PaymentInstruments.set() method allows an attacker website to
>>>>> store arbitrary data, which can later be retrieved via
>>>>> PaymentInstruments.get() potentially in a third-party context. For example,
>>>>> the user visits https://tracker.example, which generates and stores a
>>>>> UUID for that user via PaymentInstruments.set(key, UUID). Later, the user
>>>>> visits https://site.example, which opens an iframe for
>>>>> https://tracker.example. That iframe calls
>>>>> PaymentInstruments.get(key) and can retrieve the UUID, thus allowing
>>>>> https://tracker.example to know which user it is. Given the lack of
>>>>> uptake in PaymentInstruments.set(), versus the more common JIT-install
>>>>> path, as well as the overly powerful nature of the API, we propose to
>>>>> remove PaymentInstruments entirely. (PaymentInstruments was designed with
>>>>> the belief that the browser would know about individual payment methods
>>>>> (e.g., credit cards) rather than payment apps, hence the need to
>>>>> store/retrieve arbitrary information.)
>>>>>
>>>>> TAG review status Not applicable
>>>>>
>>>>> Risks
>>>>> Interoperability and Compatibility
>>>>>
>>>>> *Gecko*: Does not implement the Payment Handler API.
>>>>> *WebKit*: Does not implement the Payment Handler API.
>>>>> *Web developers*: No signals
>>>>>
>>>>> *Other signals*: Metrics of API usage show little to no uptake
>>>>> (< 0.00010 % page loads)
>>>>> PaymentInstruments -
>>>>> https://chromestatus.com/metrics/feature/timeline/popularity/4229
>>>>> PaymentInstruments.clear -
>>>>> https://chromestatus.com/metrics/feature/timeline/popularity/4230
>>>>> PaymentInstruments.delete -
>>>>> https://chromestatus.com/metrics/feature/timeline/popularity/4231
>>>>> PaymentInstruments.get -
>>>>> https://chromestatus.com/metrics/feature/timeline/popularity/4232
>>>>> PaymentInstruments.has -
>>>>> https://chromestatus.com/metrics/feature/timeline/popularity/4233
>>>>> PaymentInstruments.keys -
>>>>> https://chromestatus.com/metrics/feature/timeline/popularity/4234
>>>>> PaymentInstruments.set -
>>>>> https://chromestatus.com/metrics/feature/timeline/popularity/4235
>>>>>
>>>>> WebView application risks Payment Handler API is not implemented in
>>>>> WebView.
>>>>>
>>>>> Debuggability
>>>>>
>>>>> Standard DevTools debugging.
>>>>>
>>>>> Is this feature fully tested by web-platform-tests
>>>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>
>>>>> ?
>>>>> Yes -
>>>>> https://wpt.fyi/results/payment-handler/payment-instruments.https.html
>>>>>
>>>>> Requires code in //chrome? False
>>>>>
>>>>> Tracking bug https://crbug.com/1327265
>>>>>
>>>>> Launch bug https://crbug.com/1363633
>>>>>
>>>>> Estimated milestones
>>>>>
>>>>> Would like to remove in M108.
>>>>>
>>>>> Link to entry on the Chrome Platform Status
>>>>> https://chromestatus.com/feature/5099285054488576
>>>>>
>>>>> This intent message was generated by Chrome Platform Status
>>>>> <https://chromestatus.com/>.
>>>>> --
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "blink-dev" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to blink-dev+unsubscr...@chromium.org.
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAMMzaWGzus%3DU48U06m-gk7_2G6Wnhn59UJXLi9xW9uz5%2BEWQuA%40mail.gmail.com
>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAMMzaWGzus%3DU48U06m-gk7_2G6Wnhn59UJXLi9xW9uz5%2BEWQuA%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>>>> .
>>>>>
>>>>
>>>>
>>>
>>
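
The compatibility risk described in the thread above (sites that detect registration.paymentManager and then assume registration.paymentManager.instruments exists), shown beside a check on the member that is actually used. This is an added example, not code from the thread or from the affected sites; the helper names and the mock registration objects are constructed for illustration.

```javascript
// Added example. Helper names and mock registrations are constructed.

// Pattern the thread describes: detect paymentManager, then assume that
// .instruments exists. Throws a TypeError once the field is removed.
function naiveSet(registration, key, details) {
  if (!registration.paymentManager) return null; // feature detection stops here
  return registration.paymentManager.instruments.set(key, details);
}

// Detect the exact member that is about to be used.
function getInstruments(registration) {
  const pm = registration && registration.paymentManager;
  const instruments = pm && pm.instruments;
  return instruments && typeof instruments.set === 'function' ? instruments : null;
}

// Which install path the site should take for this registration.
function chooseInstallPath(registration) {
  return getInstruments(registration) ? 'payment-instruments' : 'jit-install';
}

// Stores the instrument only when the API is present; otherwise the site
// relies on JIT install, which does not use PaymentInstruments.
async function safeSet(registration, key, details) {
  const instruments = getInstruments(registration);
  if (!instruments) return false;
  await instruments.set(key, details);
  return true;
}

// Constructed stand-ins for ServiceWorkerRegistration objects.
function mockRegistration(kind) {
  if (kind === 'no-payment-manager') return {};
  if (kind === 'instruments-removed') return { paymentManager: {} };
  const store = new Map();
  return { paymentManager: { instruments: {
    store,
    set: async (k, v) => { store.set(k, v); },
  } } };
}

// True when the naive pattern raises the JavaScript error the thread mentions.
function naiveThrows(registration) {
  const details = { name: 'Example Pay', method: 'https://pay.example' };
  try { naiveSet(registration, 'k', details); return false; }
  catch (e) { return e instanceof TypeError; }
}
```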
