components/payments/payment_request.mojom - Issue 2500183002: Do not parse JSON in the browser.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/payments/payment_request.mojom

Issue 2500183002: Do not parse JSON in the browser. (Closed)

Patch Set: Use a Dictionary type in IDL Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « chrome/android/javatests/src/org/chromium/chrome/browser/payments/PaymentRequestTestBase.java ('k') | third_party/WebKit/LayoutTests/payments/payment-request-interface.html » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: components/payments/payment_request.mojom

diff --git a/components/payments/payment_request.mojom b/components/payments/payment_request.mojom

index 5820909d98b46c5c7153410b8d685e226a1314fc..1e8bc5c307052972c4038ca2fff5a4ff4e6e2323 100644

--- a/components/payments/payment_request.mojom

+++ b/components/payments/payment_request.mojom

@@ -127,18 +127,51 @@ struct PaymentOptions {

PaymentShippingType shipping_type;

};

+enum AndroidPayEnvironment {

+ PRODUCTION,

+ TEST

+};

+enum AndroidPayCardNetwork {

+ AMEX,

+ DISCOVER,

+ MASTERCARD,

+ VISA

+};

+enum AndroidPayTokenization {

+ UNSPECIFIED,

+ GATEWAY_TOKEN,

+ NETWORK_TOKEN

+};

+struct AndroidPayTokenizationParameter {

+ string? key;

+ string? value;

+};

struct PaymentMethodData {

array<string> supported_methods;

// A JSON string built by the renderer from a JavaScript object that the

// merchant website provides. The renderer uses

- // blink::JSONObject::toJSONString() to generate this string. The browser

- // parses the string via JSONObject(JsonSanitizer.sanitize(stringified_data))

- // and passes a part of the JSON object to the payment app, for example

- // Android Pay. There's no one format for this object, so richer types cannot

- // be used. A simple example:

+ // blink::JSONObject::toJSONString() to generate this string. The browser does

+ // not parse the string and passes it as-is directly to payment apps. There's

+ // no one format for this object, so richer types cannot be used. A simple

+ // example:

// {"gateway": "stripe"}

string stringified_data;

+ // Android Pay specific method data is parsed in the renderer.

+ // https://developers.google.com/web/fundamentals/getting-started/primers/payment-request/android-pay

+ // TODO(rouslan): Stop parsing Android Pay data. http://crbug.com/620173

+ AndroidPayEnvironment environment;

+ string? merchant_name;

+ string? merchant_id;

+ array<AndroidPayCardNetwork> allowed_card_networks;

+ AndroidPayTokenization tokenization_type;

+ array<AndroidPayTokenizationParameter> parameters;

};

enum PaymentComplete {