question: handling in-app payment/iframes/etc?

[kylebakerio]

I'm trying to conceive of how one might handle receive payments in-app, e.g. from paypal. Do you know / have you experimented with having something like a payment page iframe featured in-app, without being pulled out to a new tab?

[kikoano]

I have forgotten but I think it was not possible to translate iframe elements. If its not needed to go on separate payment page you can just call a fetch REST API and design your own html input on the same page.

[kylebakerio]

As far as I know, generally payment processors don't allow that (just calling an API with someone's credit card info), since it would be too insecure. If I'm wrong I'd like to know, but it's an interesting gap. How could one possibly do secure input of sensitive info in webxr? seems impossible. guess we'd have to implement the portals API--maybe implement a 'bubble' for an iframe, where when you go in, none of your movements or inputs are tracked by the parent webxr context?

I wonder if anyone in the webxr space / w3c is really engaging with this question?