MPP.Client.AcceptPolicy (mpp v0.6.2)

Copy Markdown View Source

Gates Accept-Payment header injection on outgoing HTTP requests.

Without a gate, a global payment middleware advertises supported payment methods on every cross-origin request, which can break CORS preflight and leak wallet capabilities.

Defaults to :always for backwards compatibility (matches mpp-rs AcceptPaymentPolicy::Always).

API Functions

FunctionArityDescriptionParam Kinds
default0Return the default policy (:always).-
allows?2Return true if Accept-Payment injection is permitted for url.policy: value, url: value

Summary

Functions

Return true if Accept-Payment header injection is permitted for url.

Return the default policy (:always).

Types

t()

@type t() :: :always | :never | {:same_origin, String.t()} | {:origins, [String.t()]}

Functions

allows?(arg1, url)

@spec allows?(t(), String.t() | URI.t()) :: boolean()

Return true if Accept-Payment header injection is permitted for url.

default()

@spec default() :: t()

Return the default policy (:always).