Safe copy and paste with scripts


no-one really answered my question about sandboxing so I'll just 
formulate things differently.

My interest was to enable copy and paste of mathematical formulae which 
are *presented* using HTML (or MathML-presentation) but covers any 
application that wishes to copy something that is not the presentation 
but a "data on the back". Looking around at APIs about it one sees either:
- access to the clipboard is denied by normal sandboxed environments 
(Java Applets, Flash more or less, JavaScript)
- or is granted to trusted applications
This isn't practical: getting the trust should not be something of 
everyday so that, basically, web-developers abandon copy and paste 
although it is arguably the most usable transfer-paradigm.
The problem is indeed to access the clipboard (e.g. an ad reading your 
clipboard) but that could be avoided and still allow copy and paste:

An element or component could have methods to read content from and 
write content to: the read would return the data in a set of 
translatable content-types and the write would be presented a choice of 
them and choose one.
And these read and write operations can be, simply, triggered by the 
*standard gestures* of the system (e.g. in an edit menu) which should 
not be callable by the script code.

Is this unsecure ?
Are we lacking, maybe, requirements about selection display ?


PS: Changing the selection, and displaying it well, is, actually, 
something that also needs special treatment in mathematics...

Received on Friday, 24 February 2006 22:50:08 UTC