Re: Clipboard API: Enable `copy` event simulation with user's express permission (domain-wide)?

On Tue, Feb 18, 2014 at 1:12 PM, Hallvord R. M. Steen
<hsteen@mozilla.com> wrote:
> So, the story so far is that the spec has added something it labels "semi-trusted events" - that is an event triggered from a trusted event of a whitelisted type. The precedence here is popup blocking - browsers already have rules for which events are "more trusted than others" in terms of likely expressing user intent. (An example makes this clearer: scripts are typically allowed to call window.open() from a click event listener, but are typically not allowed to call window.open() from an load or mouseover listener.)

Those rules are part of a standard these days:
http://www.whatwg.org/specs/web-apps/current-work/#allowed-to-show-a-popup

You might want to file a bug to extend the list of trusted event types there.


-- 
http://annevankesteren.nl/

Received on Monday, 17 March 2014 12:15:28 UTC