#yoni

Hi
Nope, you need to share the link with the customer that should use the Checkout Session

So if a user loads a checkout session from a browser, then logs out and leaves, another user can look through the browser history and return to the same session?

Yes, there is nothing sensitive in the Checkout Session they can simply purchase the goods

Why is there nothing sensitive though? It's accessing the data of an existing Stripe customer entity, and could potentially use their default payment method that was previously set, no?

If the user has access to the laptop it self you mean or just got the Checkout Session ?

Somehow got the checkout session URL - real user used a shared computer somewhere, logged out, and someone else used the same computer and checked the browser history

If they are using a shared computer I assume that the existing PaymentMethod is shared too, otherwise they should not save their PaymentMethods on a shared computer.

That doesn't really make sense - after I sign out of my accounts in a browser, I wouldn't expect someone else to be able to use my payment details

and they wouldn't as far as I know. If you just visit the CheckoutSession page again, you're just seeing the Checkout page with the usual empty inputs

taking a step back, what specific problem are you trying to solve here, what is the worry about someone being able to visit an existing unexpired CheckoutSession for your requirements?

I'm worried about a possible security issue - the potential for customer information to leak simply because of access to a checkout session URL

If I open the checkout URL in an incognito browser for instance, the same page loads exactly, with the customer's email populated in the form

yep, it will be prefilled if the customer_email parameter was used