This iframe is same-origin, so it is allowed to request payments:
This cross-origin iframe is not allowed to request payments:
This cross-oroigin iframe is allowed to request payments via
allowpaymentrequest attribute:
This cross-origin iframe is allowed to request payments via
allow="payment" attribute: