Re: Safe copy and paste with scripts

"ROBO Design" <robodesign@gmail.com>
> 1. Any script must not be allowed to read and write clipboard data unless 
> the user allows so (via a confirmation or a setting in the UA, whatever). 
> This must be a requirement.
>
> This is a security concern that, for example, IE doesn't deal with. Any 
> web site can overwrite clipboard data, or read the clipboard data without 
> the unsuspecting user ever knowing.

This is incorrect; it's specifically mentioned in a setting in the UA to 
allow or deny this behaviour, you can have it set to disallow/prompt or 
allow as per normal security settings in IE.

> 2. UAs should (or even must) make it so that the "clipboard data read and 
> write" features are only opt-in, not opt-out.

These are security and a specification is not the best place for discussing 
security - the reason being any UI will choose security over spec 
conformance anyway, and deciding the exact methods to be secure is down to 
the situation and the design of the browser.  A spec should specify how it 
should be done; it should do no more than highlight potential security 
problems of allowing unrestricted access to APIs in informative notes.

> 3. Developers should have some DOM events that allow them to monitor the 
> clipboard data (cut/copy/paste and probably even selection deletion). All 
> these must work only after the user confirms access.

No specification should require a specific UI.

> 3. This sandboxed clipboard is per page: script won't have access to 
> clipboard data of other pages opened in other tabs/windows in the same UA.

That becomes very complicated with 2 or more pages accessing a clipboard at 
the same time, are you expecting multiple clipboards - that would be 
confusing for users I think.

> (I know this post goes a bit "off-topic" since it's not only about 
> security concerns.)

:-)

Cheers,

Jim. 

Received on Sunday, 5 March 2006 20:16:34 UTC