W3C home > Mailing lists > Public > public-webapi@w3.org > March 2006

Re: Safe copy and paste with scripts

From: Jonas Sicking <jonas@sicking.cc>
Date: Sun, 05 Mar 2006 05:07:22 -0800
Message-ID: <440AE28A.4060204@sicking.cc>
To: Doug Schepers <doug@schepers.cc>
Cc: 'Web APIs WG' <public-webapi@w3.org>

> I don't think that the risk of nasty hacks outweighs the utility of
> clipboard access. No doubt some abuse will occur, but I think that the
> easiest way of dealing with all nasty JS abuse is to give users an obvious
> and simple "Disable Script" button that applies to the current tab. That way
> they can, if necessary, copy text, use the context menu, and all the other
> things that malicious control-freaks can dish out.

I am not 100% sure that abuse will be a bad enough problem to not add 
this feature.

That said, any solution that tries to add UI to let the user work around 
problems in a proposed API is dead in the water. The majority of users 
have no idea what script is, and even fewer are going to think to turn 
to a 'disable script' button when something in their browser doesn't 
seem to be working.

/ Jonas
Received on Sunday, 5 March 2006 13:07:31 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:53 GMT