W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2012

Re: [Clipboard] checking if implementation allows reading/writing a given type to the OS clipboard

From: Paul Libbrecht <paul@hoplahup.net>
Date: Fri, 17 Feb 2012 20:18:46 +0100
Cc: "Hallvord R. M. Steen" <hallvord@opera.com>, public-webapps@w3.org
Message-Id: <E43A61C5-C6E4-4947-BF84-8D8EDE89344C@hoplahup.net>
To: Ryosuke Niwa <rniwa@webkit.org>

Le 17 févr. 2012 à 19:25, Ryosuke Niwa a écrit :

> On Fri, Feb 17, 2012 at 10:10 AM, Paul Libbrecht <paul@hoplahup.net> wrote:
> I have one concern: media-types are likely to be insufficient and "flavour names", whatever they are on the host platform should be allowed I think. Almost arbitrary strings on Windows and Uniform Type Identifiers on Mac should be allowed, I think.
> 
> Realistically, I don't think we'll ever let the wild Web get/set arbitrary data like that. But maybe we can do that for privileged websites (ones that the user trusts).

I'm easy here. I sure do not want to slow down progress of this spec.
I think it makes sense but well...
(I find UTIs rather sexy since they have inheritance which media-types do not have).

Hallvord, it should be called media-types btw, or?

> Yes, it does happen: I think I know that in Windows the supported flavour-names depend on the launched applications. On Mac it depends on the applications whose descriptor has been loaded (by the Finder I think, it might also be those that have been launched once). At least an application download and launch can cause a change in the supported media-types of the OS.
> 
> Right. These will become problems if we decide to expose all platform types.
> 
> However, would the browsers be informed of such a change? Would they be able to consider a given type as being safe and not needing a sanitization?
> 
> I don't think that's possible without some sort of pre-knowledge about how the data is processed. In practice, we always hard-code this kind of information somewhere so I'm even not sure if such an elaborate behavior can be implemented.

If anyone is willing to consider trusted web-sites (and MSIE already does?) then it is worth included.

paul
Received on Friday, 17 February 2012 19:19:44 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:50 GMT