W3C home > Mailing lists > Public > public-webapi@w3.org > February 2006

Safe copy and paste with scripts

From: Paul Libbrecht <paul@activemath.org>
Date: Fri, 24 Feb 2006 17:50:03 -0500
Message-ID: <43FF8D9B.3040803@activemath.org>
To: public-webapi@w3.org

Hello,

no-one really answered my question about sandboxing so I'll just 
formulate things differently.

My interest was to enable copy and paste of mathematical formulae which 
are *presented* using HTML (or MathML-presentation) but covers any 
application that wishes to copy something that is not the presentation 
but a "data on the back". Looking around at APIs about it one sees either:
- access to the clipboard is denied by normal sandboxed environments 
(Java Applets, Flash more or less, JavaScript)
- or is granted to trusted applications
This isn't practical: getting the trust should not be something of 
everyday so that, basically, web-developers abandon copy and paste 
although it is arguably the most usable transfer-paradigm.
The problem is indeed to access the clipboard (e.g. an ad reading your 
clipboard) but that could be avoided and still allow copy and paste:

An element or component could have methods to read content from and 
write content to: the read would return the data in a set of 
translatable content-types and the write would be presented a choice of 
them and choose one.
And these read and write operations can be, simply, triggered by the 
*standard gestures* of the system (e.g. in an edit menu) which should 
not be callable by the script code.

Is this unsecure ?
Are we lacking, maybe, requirements about selection display ?

paul

PS: Changing the selection, and displaying it well, is, actually, 
something that also needs special treatment in mathematics...
Received on Friday, 24 February 2006 22:50:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:53 GMT