RE: Clipboard access through events from Tim Reilly on 2004-04-06 (www-svg@w3.org from April 2004)

From: Tim Reilly <tim.reilly@consultant.com>
Date: Mon, 5 Apr 2004 22:52:21 -0400
To: <www-svg@w3.org>
Message-ID: <DFELLFNEHCMNIPIBAAPGCEJCDEAA.tim.reilly@consultant.com>

[Jan-Klaas Kollhof wrote:]
> Hi,
>
> Clipboard functionality is not just something nice to
> have but something which people want to see in an
> application weather or not it is SVG.
[snip`d]
> So, what do you think?
> Jan

Hi Jan,

 IMHO I agree. Additionally, I think in an untrusted environment the svg
client MUST present a dialog notifying the user that the application wishes
to access the system clipboard [OK|Cancel] style. The following is a
hypothetic example of the security issue with the system clipboard, but not
an unreasonable use case:
 "Joe user is completing an online order in his web browser. This user
prefers to maintain his credit card account information in his email
client's "notes" function. The user opens the "note" and copies his credit
card information into the system clipboard. The user pastes this information
into the online form and completes his order on that site. Next the user
browses to BadCo's website. BadCo's website picks off all user's clipboards
through scripted clipboard access just waiting for a user like Joe to leave
something sensitive their. The information is then posted back to BadCo's
servers and used for ill."

Perhaps the specification could allow programmatic access to the system
clipboard with the restriction that in an untrusted environment a user
dialog must be presented (once) for the user to confirm this svg application
instance may access the clipboard. I think scripted access to the clipboard
IS important, not solely when initiated by the user.

Personally I've just begun to review the specification in the hopes of
building rich web applications. So far I'm very excited by the 1.2
specification (however, some key elements I would require are absent.) One
of the applications that would be very nice to be able to create is an
"in-the-browser" html/xml/rtf editor. Programmatic access to the system
clipboard would be ideal for this type of application. If access to the file
system via a dialog would be available; why not then the system clipboard
(if one is available)? Same principle that's being applied to the file
system should naturally carry over to the clipboard in my opinion.

I've been trying to read through some of the archives for this list, as I'm
new here. I apologize if this has been discussed previously.

-TR

Received on Monday, 5 April 2004 23:47:54 UTC