On Sat, 16 Jun 2012 06:05:35 +0200, Alex MacCaw <macc...@gmail.com> wrote:
I've been working on a way of integrating one-click payments (and signup)
into the browser, and I wanted to put it in front of a few people to get
some feedback.
The API I was playing about with was pretty simple, and is documented
here:
http://blog.alexmaccaw.com/preview/MjQxMDcwOTcwNjAYz14YvbdZWrrVg
(that link seems to go nowhere except the front of your blog)
It's basically an API to autocomplete data, already stored in the browser
and containing things like credit card number and name.
For example:
navigator.requestProfile(['firstName', 'email', 'cardNumber'], function(
profile){ console.log('Your name is:', profile.firstName); /* ... */ });
So it seems you are just using an API to support autocomplete, but with
magic tokens as well as the browser heuristics that are normally used.
This seems to introduce a lot of UI security issues (asking for data for
hidden form fields or fields that are out of the rendering view, ...).
cheers
Chaals
I've also created a Chrome
extension<https://github.com/maccman/request-profile> demonstrating
the API. I think the key thing to getting adoption for something like
this
is to keep it really simple.
Cheers,
Alex
--
Charles 'chaals' McCathieNevile Opera Software, Standards Group
je parle français -- hablo español -- jeg kan noen norsk
http://my.opera.com/chaals Try Opera: http://www.opera.com
