Re: Copy to Clipboard - ambush and abuse by javascript

I mostly agree with Robin's mail and that workshop sounds exciting!
One comment though:

> If we were to specify some form of "private copy" operation (as  
> Jonas, relayed by Paul, describes here) it would block highjacking  
> the copy operation, but it wouldn't block detecting text selection.  
> Analytics information could then be deduced from that (which is  
> likely close enough for decent statistics), and a hidden but  
> selected attribution could also be injected.

"hidden watermarking" is unlikely to be very near, or... could be  
fought about, here's an idea

During that same TPAC (Mandelieu), I discussed with the MSIE team,  
Adrian Bateman in particular, hoping that some markup could be  
negotiated to offer web-pages that a copy of a given subtree also  
copies any alternative format suggested by the markup and they were  
sharply against: it's super easy to inject dangerous things this way!!  
(WMF seems to be the best example). So browsers need to be sure the  
content that is copied is "safe".

- That's easy for plain text and raster pictures.
- That's easy to disqualify for WMF.
- But that's not easy at all for HTML: it is wished by many, but it  
needs to be undressed:
-- remote picture references are a privacy concern (they would  
suddenly be pulled if you pasted that, say, in a mail application)
-- embeds are a huge concern (they start to run in the local scope  
which is a lot more powerful than the sandbox)
- ...
(I still can't believe it's dangerous for many many formats... but who  
knows? It sounds safe for PDF but not for SVG for example...)

So the MSIE team has a "sanitization" method which they use in CMS'  
rich editors to make sure that a pasted content will be clean, it seems.
MathML's chapter 6 warns about this in its clipboard section.
HTML 5 also I think.

Could such sanitization be leveraged to avoid such watermarking??
At least J Sicking's "plain copy" would need to be of this sort, if  
handling HTML.

paul