- From: CSS Meeting Bot <notifications@github.com>
- Date: Thu, 10 Feb 2022 08:30:55 -0800
- To: w3c/clipboard-apis <clipboard-apis@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/clipboard-apis/pull/164/c1035130436@github.com>
The Web Editing Working Group just discussed `Checking on the blocked clipboard-write permission?`. <details><summary>The full IRC log of that discussion</summary> <Travis> Topic: Checking on the blocked clipboard-write permission?<br> <Travis> github: https://github.com/w3c/clipboard-apis/pull/164<br> <Travis> BoCupp: I think the interested party is not here though...<br> <Travis> .. should probabaly ping Mozilla.<br> <Travis> .. Problem: we use clipboard read/write permission so that they can be granted to iframes.<br> <Travis> .. iframe's can't even do it without delegated authority.<br> <Travis> .. Office programs are hosted in different hosts and run in iframes. So we wanted to remove this.<br> <Travis> .. the objection was that firefox/safari were aligned on not wanting that.<br> <Travis> .. Seems like Apple has a trusted UI context menu. A second click is needed.<br> <Travis> .. Firefox has not shipped the API yet... I was wondering what Firefox' model is/will be. How would they solve the delegated authority issue?<br> <Travis> .. Will the adopt the Apple approach? Will the not have a permission? Have they even faced the issue yet?<br> <Travis> .. want to leave the issue as-is in hope of getting alignment on the current behavior? That's why we've left it blocked.<br> <Travis> johanneswilm: Remind us why you need an iframe?<br> <Travis> BoCupp: Yes, Microsoft Sharepoint is a shell that allows browsing of documents... when a doc is opened, Sharepoint loads a cross-origin iframe with the "word" logic to display it.<br> <Travis> .. Office app architecture is designed to be hosted in cross-origin iframes.<br> <Travis> .. Also, navigator.clipboard.read does not need to happen in context of a paste event. It may require a user gesture.<br> <Travis> .. We don't want the user to get prompted from some random iframe unless that authority has been delegated.<br> <Travis> Travis: user only sees the address bar url.. iframe prompt would look like it came from that url. Confusing to the user.<br> <Travis> BoCupp: I don't think there's an action to take today other than a followup later.<br> </details> -- Reply to this email directly or view it on GitHub: https://github.com/w3c/clipboard-apis/pull/164#issuecomment-1035130436 You are receiving this because you are subscribed to this thread. Message ID: <w3c/clipboard-apis/pull/164/c1035130436@github.com>
Received on Thursday, 10 February 2022 16:31:09 UTC