From 30e4b9a96b71cb2e8f0c654080f08db40c4137a9 Mon Sep 17 00:00:00 2001 From: Rouslan Solomakhin Date: Mon, 9 Apr 2018 10:50:54 -0400 Subject: [PATCH] HTTPS considerations. Write down the security mitigations in Chrome for other implementers to be aware. --- index.html | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/index.html b/index.html index 8c35779..44da7aa 100644 --- a/index.html +++ b/index.html @@ -1669,6 +1669,15 @@

+
  • If the security properties of newContext are + unsatisfactory (e.g., invalid certificate), then: +
      +
    1. Reject promise with SecurityError.. +
      2. +
    2. Abort these steps. +
      3. +
    +
  • Let client be the result of running the create window client algorithm with newContext as the @@ -2078,6 +2087,31 @@

    • +
    +

    + HTTPS +

    +
      +
    • The user agent may block mixed content (e.g., non-HTTPS or + scripts) on the payment handler page. +
      • +
    • If the SSL certificate of the payment handler page is not valid + (e.g., self-signed), the user agent may cancel the payment. +
      • +
    • If the web-page is known to be malicious (e.g., a phishing page + according to a safe browsing database), the user agent may cancel the + payment. +
      • +
    • If the payment handler page redirects to a non-HTTPS scheme + origin, the user agent should cancel the payment. +
      • +
    +

    + The user agent should provide rationale to the payment handler + developers (e.g., through console messages) and may also inform the + user to help avoid confusion whenever these mitigations happen. +

    +