- From: João Eiras <joao.eiras@gmail.com>
- Date: Tue, 10 May 2011 12:08:32 +0100
- To: public-webapps@w3.org
On Tue, May 10, 2011 at 8:41 AM, timeless <timeless@gmail.com> wrote: > I'm not really excited by the return of the attack on context menus. > Allowing web sites to hold user's browsers hostage is a bad starting > point. It might be ok if the user had to first opt into rich editing - > maybe. > > Note that we only recently added protection for users against 'what > you see is not what you copy' (serializers are now fairly css aware). > Neither do I but it's a user agent issue to provide ways to override sites using this feature in a way that affects user negatively, because the feature and the use case is legitimate. Anyway, it would not introduce a new problem given that overriding clipboard contents is done already, although by a select few, using plugins, or if copy events are supported, after the copy event, using setData. So ignoring the use case just gives a false sense of security.
Received on Tuesday, 10 May 2011 11:09:45 UTC