W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2011

Re: Fwd: Re: CfC: new WD of Clipboard API and Events; deadline April 5

From: Anne van Kesteren <annevk@opera.com>
Date: Mon, 05 Sep 2011 10:44:13 +0200
To: rniwa@webkit.org, "Hallvord R. M. Steen" <hallvord@opera.com>, "WebApps WG" <public-webapps@w3.org>
Message-ID: <op.v1bt3q0z64w2qv@annevk-macbookpro.local>
On Sun, 04 Sep 2011 23:47:08 +0200, Hallvord R. M. Steen  
<hallvord@opera.com> wrote:
>> Also, scripts shouldn't be able to call clearData() during copy/cut  
>> events, correct?
>
> Why not? Is it useful in any other context?

It can be abused to prevent copy and paste from a site. But maybe there  
are other ways for that too.


>> For "10. Cross-origin copy/paste of source code", we might also want to  
>> consider stripping elements that can refer to external URLs such as  
>> link, meta, base, etc...
>
> Those will typically be in the HEAD and not usually part of a pasted  
> fragment. We certainly don't want to remove A tags or their HREFs, so  
> I'm not sure why we'd want to remove e.g. LINK.

Depending on the type of <link> it can fetch its resource automatically.


-- 
Anne van Kesteren
http://annevankesteren.nl/
Received on Monday, 5 September 2011 08:44:39 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:47 GMT