Re: Clipboard API: Enable `copy` event simulation with user's express permission (domain-wide)? from James Greene on 2013-07-25 (public-webapps@w3.org from July to September 2013)

From: James Greene <james.m.greene@gmail.com>
Date: Wed, 24 Jul 2013 20:11:00 -0500
To: Hallvord Steen <hsteen@mozilla.com>
Cc: Paul Libbrecht <paul@hoplahup.net>, public-webapps@w3.org, rohan@github.com
Message-ID: <CALrbKZjfMG2Ua6=nCN-42ADm=yrOnt8Kae-dbSZ-_f47wDc3AA@mail.gmail.com>

Hallvord —
I have also long agreed that clipboard poisoning is rarely that big of an
issue so long as we're not enabling programmatic reading of the clipboard
during a copy event (which I would agree is completely unnecessary).  As
you said, since Flash is already an available option to do this today (and
can thus only be prevented by disabling Flash, or enforcing specialized
clipboard sandboxing at a system level), moving it into the DOM world isn't
a big stretch by any means.

I also agree that making this ability the default is not unreasonable
anymore but I thought that might be a bit of a stretch... happy to see that
I am wrong. :)

Sincerely,
    James Greene

On Wed, Jul 24, 2013 at 5:34 PM, Hallvord Steen <hsteen@mozilla.com> wrote:

> [Replying to Paul's mail but it's really a response to James - sorry,
> Paul..]
>
> On 12 juil. 2013, at 21:57, James Greene wrote:
>
> > It appears that the only way to trigger a `copy` event programmatically
> is to use `document.execCommand('copy')`, which most browsers prevent:
> >
> http://www.w3.org/TR/clipboard-apis/#integration-with-other-scripts-and-events
>
> Correct.
>
> > What about enabling so enabling semi-restricted programmatic clipboard
> injection on a page
> > if the user grants their express permission via a once-per-domain
> security prompt (similar
> > to the Geolocation API)?
>
> Well, with my spec editor's hat on: Nothing really prevents UAs from
> implementing this already. They could hook up document.execCommand('Copy')
> to whatever that UA's convention for a security permission prompt is. I'd
> like to see this, actually.
>
> That said, this functionality doesn't really have privacy implications (as
> long as it is about programmatically *writing to*, not *reading from* the
> clipboard) so it's mostly just about preventing nuisance, plus some
> slightly far-fetched security threats (which aren't all that credible if
> they are not already exploited with Flash's clipboard implementation). Our
> intentions as implementors has sort of moved towards enabling all the cool
> stuff apps and sites might do, and away from trying to control nuisance.
> It's quite possible to argue that writing to the clipboard should be
> enabled by default.
> -Hallvord
>

Received on Thursday, 25 July 2013 01:11:48 UTC