- From: Evan Stade <notifications@github.com>
- Date: Fri, 03 Nov 2023 14:03:21 -0700
- To: w3c/clipboard-apis <clipboard-apis@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/clipboard-apis/pull/197/review/1713528574@github.com>
@evanstade commented on this pull request.
> @@ -841,7 +861,11 @@ url: https://w3c.github.io/permissions/#permissions-task-source; type: dfn;
Issue: It should be possible to read the data asynchronously from the system clipboard after the author calls getType, however, this set of steps implies that data will be provided at the time of read.
- 1. The user agent, MAY sanitize |representation|'s [=representation/data=], unless |representation|'s [=representation/MIME type=]'s essence is "image/png", which should remain unsanitized to preserve meta data.
+ 1. The user agent, MAY sanitize |representation|'s [=representation/data=], unless it satisfies the below conditions:
We don't have to necessarily define the exact steps that constitute hyopthetical sanitization, but it does seem that it would be useful to describe what it's not, because another way to word this text is: "The user agent MUST NOT sanitize the data if it satisfies the below conditions". So what exactly is the user agent not allowed to do, or must it do, if it's providing "unsanitized" data?
In particular, this came up in [code review](https://chromium-review.googlesource.com/c/chromium/src/+/4779949) where, after some discussion, it was decided that the CFHTML fragment tags should be left in place. The spec should be clear about this so other vendors don't come to a different conclusion at the implementation step.
--
Reply to this email directly or view it on GitHub:
https://github.com/w3c/clipboard-apis/pull/197#discussion_r1382200560
You are receiving this because you are subscribed to this thread.
Message ID: <w3c/clipboard-apis/pull/197/review/1713528574@github.com>
Received on Friday, 3 November 2023 21:03:27 UTC