Re: risks of custom clipboard types from Paul Libbrecht on 2011-05-17 (public-webapps@w3.org from April to June 2011)

From: Paul Libbrecht <paul@hoplahup.net>
Date: Tue, 17 May 2011 19:18:30 +0200
To: Daniel Cheng <dcheng@chromium.org>
Cc: Boris Zbarsky <bzbarsky@mit.edu>, public-webapps@w3.org
Message-Id: <15B91D52-DB49-489D-BFFD-D3871A771819@hoplahup.net>

Le 17 mai 2011 à 19:14, Daniel Cheng a écrit :

> I actually did implement reading arbitrary types from the clipboard/drop at one point on Linux just to see how it'd work. When I copied a file in Nautilus, the full path to the file was available in several different flavors from the clipboard X selection. In order to prevent attacks of this sort, we'd have to determine the full set of types that file managers and other programs could potentially populate with file paths and then explicitly try to clean them of file paths. It's much easier to just go the other direction with a whitelist.

This was certainly at least copied in plain-text as well, or?
The risk is here today then already, correct? (even with traditional forms and a quick onchange that makes it invisible).

paul

Received on Tuesday, 17 May 2011 17:18:54 UTC