[webkit-changes] [WebKit/WebKit] fead01: Support Apple Pay in cross-origin iframes with all...
Commit Queue
noreply at github.com
Wed Apr 5 06:01:42 PDT 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: fead01e13ad2f5837324865b19f30607383d410c
https://github.com/WebKit/WebKit/commit/fead01e13ad2f5837324865b19f30607383d410c
Author: Javier López <zeswen at Javiers-MacBook-Air.local>
Date: 2023-04-05 (Wed, 05 Apr 2023)
Changed paths:
M LayoutTests/http/tests/paymentrequest/payment-allow-attribute.https-expected.txt
M Source/WebCore/Modules/applepay/PaymentSession.cpp
Log Message:
-----------
Support Apple Pay in cross-origin iframes with allow=payment attribute
https://bugs.webkit.org/show_bug.cgi?id=226345
Reviewed by Dean Jackson.
This bug happens because there is a check for the parentDocument to have
the same security origin than the child document, contrary to what the
[Payment Request API spec from W3 states](https://www.w3.org/TR/payment-request/#using-with-cross-origin-iframes).
The solution is to remove the check for the same parentDocument origin.
* LayoutTests/http/tests/paymentrequest/payment-allow-attribute.https-expected.txt:
- Update tests according to new behavior
* Source/WebCore/Modules/applepay/PaymentSession.cpp:
(PaymentSession::canCreateSession):
- Remove check for same parent origin since we have allow payment check before
Canonical link: https://commits.webkit.org/262616@main
More information about the webkit-changes
mailing list