W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2011

Re: risks of custom clipboard types

From: Daniel Cheng <dcheng@chromium.org>
Date: Tue, 17 May 2011 10:31:33 -0700
Message-ID: <BANLkTi=THZJYp3w25ETUgiA91y4P3f4Xfg@mail.gmail.com>
To: Paul Libbrecht <paul@hoplahup.net>
Cc: Boris Zbarsky <bzbarsky@mit.edu>, public-webapps@w3.org
On Tue, May 17, 2011 at 10:18, Paul Libbrecht <paul@hoplahup.net> wrote:

>
> Le 17 mai 2011 à 19:14, Daniel Cheng a écrit :
>
> I actually did implement reading arbitrary types from the clipboard/drop at
> one point on Linux just to see how it'd work. When I copied a file in
> Nautilus, the full path to the file was available in several different
> flavors from the clipboard X selection. In order to prevent attacks of this
> sort, we'd have to determine the full set of types that file managers and
> other programs could potentially populate with file paths and then
> explicitly try to clean them of file paths. It's much easier to just go the
> other direction with a whitelist.
>
>
> This was certainly at least copied in plain-text as well, or?
> The risk is here today then already, correct? (even with traditional forms
> and a quick onchange that makes it invisible).
>
> paul
>

It is not because Chromium specifically clears the plain text type if it
detects a file drag.

Daniel
Received on Tuesday, 17 May 2011 17:31:58 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:45 GMT