-
Notifications
You must be signed in to change notification settings - Fork 135
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow incremental request of billing and shipping address #873
Conversation
Thank you, @danyao! To summarize the proposal:
We have begun discussions [1] about the delegation of the request for shipping addresses to payment handlers. If the current proposal is adopted, that discussion will need to include a mechanism for the browser to request shipping address information from the payment handler in order to respond to the merchant's incremental request. As @danyao notes, this proposal does not address billing addresses. Note that:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Technically this should work.
I'm not following why we need the incremental increase in granularity? Is that really necessary? It seems like it would make implementing an interface much more difficult, because you'd need to be constantly updating it to add, remove, different address parts... that might be really confusing for users. |
to be clear, I don't follow why we need this:
Why not just ask up front? |
@marcoscaceres asking for everything up front requires user agents to over-share in some cases. For instance, maybe you offer flat-rate shipping in countryA but variable-per-region shipping in countryB. To cover both cases up front you'd have to ask for country and region, even though if you had only asked for country and gotten back countryA then you didn't need to know the user's region. So with incremental requests you can start at least-specific and drill down one level at a time (until you reach the redacted levels) until you have just enough to compute a details update and resolve your updateWith() promise. |
Ah, I see. Thanks for clarifying @aestes. |
This architecture seems like a good approach for both shipping and billing address. I would prefer if the "just ask for everything" option were removed - if only as a way to encourage the (admittedly harder to implement) incremental requests. Failing that, I want to see some specific text discouraging the use of the "just ask for everything". Perhaps as a sidebar in section 10? Point out that if potential customer disables it - assuming a UI has such a feature - the merchant will need to fall back to incremental requests anyway or lose the sale. And if they have to implement the incremental anyway, then why keep the "all"? Whether that boolean is removed or not, there should be some specific text encouraging the use of the incremental approach. That could be in 18.4.2, perhaps as a sidebar. It should also be mentioned in the security considerations, in 20.6. @aestes Thank you for reiterating the need for this. @joshkaroly, thank you for keeping the pressure on to do this with billing addresses, as well. |
4f5fc3e
to
6884656
Compare
…meter. Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
6884656
to
28f206c
Compare
@samuelweiler I incorporated your comments:
I didn't add a note to the Security Considerations in Section 20.7 because that section currently focuses on non-normative recommendations to payment handler implementer to not over share user information (especially billing address) via Would you mind taking another look? @marcoscaceres @ianbjacobs @aestes PTAL as well. Also, as I was writing up the algorithm, I realize that the UX implementation may be tricky and would like to hear what others think. Say a payee initially requests "country", then request "region", should the user agent prompt the user for permission each time? This could be annoying. Should the user agent ask for a blanket permission upfront, e.g. "your shipping information will be shared"? But this is a bit misleading because user perceives more information is being shared than what the payee is actually asking for. Currently this is only a problem for user agents with built-in payment methods (e.g. ApplePay in Safari and basic-card in Chrome). Soon, payment handlers will face this problem as well when they start to support delegated shipping and contact information (w3c/payment-handler#337). |
@danyao thank you for this work, sorry you couldn't be at TPAC where we discussed the issue at length. My read of the room was that there is wide support for this but that the group does not want to hold up the process by making this a normative requirement in v1.0 nor remove the existing APIs which are already widely used. @marcoscaceres @aestes @rsolomakhin @ianbjacobs is there a way this can be marked as an "optional" feature for v1.0 of the spec? If so, I propose we make this change and I will do a call for consensus from the WG to proceed with v1.0 including this PR and that amendment. |
Hi all, I significantly reworked this pull request to now cover both billing and shipping addresses, and clarified how the new fields affect both addresses returned in intermediate events and the final response. I also added specific language to delegate the responsibility of returning an appropriate version of the billing address to the payment handler. The Payment Handler API and Basic Card spec need to be updated to implement the other side of this stub, but I think the Payment Request API side is reasonably complete and stands on its own. PTAL. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for continuing to work on this... found a couple of issues. The main think is around the state machine of the event that needs a few clarifications. Having multiple ongoing asynchronous operations (.updateWidth() + .requestBillingAddress()) is going to be quite challenging to implement... but I guess as long as the order is clear (i.e., await requestBillingAddress()
first, then do updateWidth()
, then it might be ok 😅).
I need to chew on this a bit more... the example makes me wonder if it could be simplified.
Anything in particular you want me to take a look at or just the whole thing in general? |
There was some suggested changes to the state machine of the event (i.e., what happens if you call things out of order, what happens if one promise resolves before the other, etc... what happens if you requestAddress, it rejects, and but updateWith resolves? etc). Can you check if that makes sense and if we need it? |
I would prefer that // GOOD
paymentRequest.addEventListener('shippingaddressupdate', (event) => {
event.updateWith(new Promise((updateAddressResolver) => {
const country = paymentRequest.shippingAddress.country;
if (country === 'US') {
const address = await event.requestShippingAddress(['regionCode', 'country']);
updateAddressResolver(calculatePriceForUsState(address.regionCode));
} else {
updateAddressResolver(calculatePriceForCountry(country));
}
}));
});
// BAD
paymentRequest.addEventListener('shippingaddressupdate', (event) => {
event.updateWith(new Promise((updateAddressResolver) => {
const country = paymentRequest.shippingAddress.country;
updateAddressResolver(calculatePriceForCountry(country));
}));
const address = await event.requestShippingAddress([]); // Too late!
}); |
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Hi @marcoscaceres! Thanks for your patience with this pull request. I think I've addressed all your comments. Would you mind taking another pass? |
Sure! will take a look soon! |
As I was just reviewing this... I... um... had a thought...🤔 what if: typedef (sequence<AddressParts> or boolean) AddressRequirement;
dictionary PaymentOptions {
AddressRequirement requestBillingAddress = false;
AddressRequirement requestShippingAddress = false;
}; That would:
WDYT? ( |
I thought of two issues, but they seem solvable. First one is (old code + new browser) combination. If a website sets Second is how to differentiate between "address not requested" and "all address parts requested" if there is only a list. Currently with the boolean flag, we are treating {flag=true, list=[]} as "all". If there's only one list, I can think of three ways:
|
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
Co-Authored-By: Marcos Cáceres <[email protected]>
According to WebIDL, we should be able to distinguish between them. So if a boolean is passed, and it's
Oooh! I really like where you are going with 3!:
|
No more payment address with #955 |
closes #842
Add the ability for the merchant to request fine-grained parts of billing address and shipping address. This is based on @adrianhopebailie's idea from w3c/payment-method-basic-card#72 (comment).
We are making these changes because merchants (e.g. Netflix) has requested the ability to receive less information (e.g. Netflix).
At a high level, this pull request can be summarized as the following:
requestBillingAddress
andrequestShipping
booleans ofPaymentOptions
will live on to provide backward compatibility:requestBillingAddressParts
andrequestShippingAddressParts
will only take effect when the respective boolean flag is true.requestBillingAddressParts
andrequestShippingAddressParts
affect both intermediate results (e.g. those returned inPaymentRequestUpdateEvent
andPaymentMethodChangeEvent
) and final results inPaymentResponse
[[requestedShippingAddressParts]]
internal slot is added toPaymentRequest
to keep track of the cumulative address parts requested.requestedAddressParts
argument that callers will set using the new internal slot.requestBillingAddress([])
and/orrequestShippingAddress([])
.shippingaddresschange
event (type:PaymentRequestUpdateEvent
) must be fired at least once ifrequestShippingAddressParts
is non-empty to give payee an opportunity to request full shipping address.paymentmethodchange
event (type:PaymentMethodChangeEvent
) must be fired at least once ifrequestBillingAddressParts
is non-empty to give payee an opportunity to request full billing address.The following tasks have been completed:
Implementation commitment:
Preview | Diff