Author: Mike Hearn 2014-05-12 10:28:29
Published on: 2014-05-12T10:28:29+00:00
The discussion is about amending BIP 70 to suggest including a "Access-Control-Allow-Origin: *" response header for payment request responses. The header exists to prevent security holes arising from mobile code fetching random web resources. Implementing the payment protocol in browser-sandboxed JavaScript may not be popular, therefore, it is unclear how useful this suggestion would be.
Updated on: 2023-06-08T22:34:03.206389+00:00