W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2011

Re: Fwd: Re: CfC: new WD of Clipboard API and Events; deadline April 5

From: Hallvord R. M. Steen <hallvord@opera.com>
Date: Mon, 05 Sep 2011 12:13:35 +0200
To: rniwa@webkit.org, "WebApps WG" <public-webapps@w3.org>, "Anne van Kesteren" <annevk@opera.com>
Message-ID: <op.v1byoxl8a3v5gv@hr-opera.oslo.opera.com>
On Mon, 05 Sep 2011 10:44:13 +0200, Anne van Kesteren <annevk@opera.com>  

> On Sun, 04 Sep 2011 23:47:08 +0200, Hallvord R. M. Steen  
> <hallvord@opera.com> wrote:
>>> Also, scripts shouldn't be able to call clearData() during copy/cut  
>>> events, correct?
>> Why not? Is it useful in any other context?
> It can be abused to prevent copy and paste from a site. But maybe there  
> are other ways for that too.

Pretty much everything in this spec can be abused to cause nuisance.

>>> For "10. Cross-origin copy/paste of source code", we might also want  
>>> to consider stripping elements that can refer to external URLs such as  
>>> link, meta, base, etc...
>> Those will typically be in the HEAD and not usually part of a pasted  
>> fragment. We certainly don't want to remove A tags or their HREFs, so  
>> I'm not sure why we'd want to remove e.g. LINK.
> Depending on the type of <link> it can fetch its resource automatically.

As in <LINK rel=prefetch> and <LINK rel=stylesheet>?

Hallvord R. M. Steen, Core Tester, Opera Software
http://www.opera.com http://my.opera.com/hallvors/
Received on Monday, 5 September 2011 10:13:00 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:34 UTC