Ross Nicoll [ARCHIVE] on Nostr: 📅 Original date posted:2014-04-26 📝 Original message:I'd be very cautious of ...
📅 Original date posted:2014-04-26
📝 Original message:I'd be very cautious of security implications of embedding files into
the payment request. Even file formats one would presume safe, such as
images, have had security issues (i.e.
https://technet.microsoft.com/library/security/ms11-006 )
Longer term I was wondering about embedding the PaymentRequest into web
pages directly via the <object> tag, which could eliminate need for
BIP0072 and potentially improve user interface integration that way.
Obviously this would require browser plugins, however.
Ross
On 26/04/14 18:36, Mike Hearn wrote:
>> PaymentRequests are limited to 50,000 bytes. I can't think of a reason why
>> Payment messages would need to be any bigger than that. Submit a pull
>> request to the existing BIP.
>>
> In future it might be nice to have images and things in the payment
> requests, to make UIs look prettier. But with the current version 50kb
> should be plenty indeed.
>
Published at
2023-06-07 15:20:16Event JSON
{
"id": "488677e5fe2c3f7f5bff2e70a410230c487293e8ae92f7872168526d2690887c",
"pubkey": "787ecd48da0d9610d322fb67c86ad23a5287d688559b2ff8ee546721fd990129",
"created_at": 1686151216,
"kind": 1,
"tags": [
[
"e",
"943033598b3a5b6f707aaca5dd69e4ac8ea6602b877b930b1fb35d7cc72d4f16",
"",
"root"
],
[
"e",
"30c9502968913651cbca4922318fc51006bd645033ec1ce62c1c231ebb9f70ca",
"",
"reply"
],
[
"p",
"f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2"
]
],
"content": "📅 Original date posted:2014-04-26\n📝 Original message:I'd be very cautious of security implications of embedding files into\nthe payment request. Even file formats one would presume safe, such as\nimages, have had security issues (i.e.\nhttps://technet.microsoft.com/library/security/ms11-006 )\n\nLonger term I was wondering about embedding the PaymentRequest into web\npages directly via the \u003cobject\u003e tag, which could eliminate need for\nBIP0072 and potentially improve user interface integration that way.\nObviously this would require browser plugins, however.\n\nRoss\n\nOn 26/04/14 18:36, Mike Hearn wrote:\n\u003e\u003e PaymentRequests are limited to 50,000 bytes. I can't think of a reason why\n\u003e\u003e Payment messages would need to be any bigger than that. Submit a pull\n\u003e\u003e request to the existing BIP.\n\u003e\u003e\n\u003e In future it might be nice to have images and things in the payment\n\u003e requests, to make UIs look prettier. But with the current version 50kb\n\u003e should be plenty indeed.\n\u003e",
"sig": "7dfba63d5eb63c5a5e66bb322f7643e79db3192da7fa0d57e784fadf8aa4d64bebce306f0c19009794ec69621d45222837deec9c4b02e3694a346cada2a93dbb"
}