web-monetization-extension icon indicating copy to clipboard operation
web-monetization-extension copied to clipboard
verified publisher icon interledger

[Monetization flow - Content] - IFrames

Open dianafulga opened this issue 2 years ago • 2 comments

When a web monetized website contains iframes, the WM extension inspects only the header of an iframe for the monetization tag and its wallet address. The extension does not inspect nested iframes for the monetization tag.

If there are multiple iframes within the main frame, the extension still only inspects the header of the iframe, and disregards its body or any nested iframes.

Based on the above, the extension evenly splits the amount it pays to a WMized website between the number of wallets identified for monetization:

  • If a website has 1 monetization tag (and wallet) in its primary frame, and it also has 3 distinct iframes that each have a monetization tag (and wallet address) in their header, then the extension evenly splits the WM payment between a total of 4 WM wallet addresses (i.e. one to the wallet in the primary frame, and one to each wallet of each of the 3 iframes)
  • The extension disregards anything other than the first monetization tag and wallet in the header of an iframe. So, if there are multiple WM tags/wallets in the header of an iframe, the extension only inspects the first one, and disregards the rest.
  • If an iframe has a monetization tag anywhere other than the header, the ext. also disregards those.
  • If there are nested iframes, definitely disregard them.

dianafulga avatar Apr 18 '24 07:04 dianafulga

The majority of this work will be more about testing. We're anticipating covering the following test scenarios, to get ready for alpha:

  • page with single iframe (then with one or multiple wallet addresses in the one iframe...and so on for the test scenarios listed below)
  • page with multiple iframes nested
  • page with multiple iframes not nested

Aiming to put into review tomorrow (19 April), ahead of work-week in Cluj.

tselit avatar Apr 18 '24 09:04 tselit

Decided on 24 April that to handle limiting the scope for the alpha build as follows:

  • Only evaluate/inspect the first link tag we encounter in the iframe.
  • If the first tag is invalid, then stop any further evaluation.
  • Keep track of the validity of the first link tag.

tselit avatar Apr 24 '24 08:04 tselit

The current implementation is using postMessage to all domains, which may imply that some site that have they have an event listener will intercept it and might impact their site (for example: an website can refresh the page if it receives an unknown message) There is another possible solution, much more complicated solution, using the background as a middle man to retrieve the frameId.

dianafulga avatar May 09 '24 09:05 dianafulga

What remains is to implement the following (estimate 8 hrs to have this ready for review): ensuring that the WM icon display is correctly updated when a website has iframes, including when a website is not monetized but it does have a monetized iframe.

tselit avatar May 16 '24 13:05 tselit