Re: [w3c/editing] [Delayed Clipboard Rendering] Privacy issue while reading data for web custom types (Issue #439) from snianu on 2023-09-14 (public-webapps-github@w3.org from September 2023)

From: snianu <notifications@github.com>
Date: Thu, 14 Sep 2023 00:56:27 -0700
To: w3c/editing <editing@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/editing/issues/439/1718948585@github.com>

@annevk So if the target app doesn't request the web custom format, then the system clipboard wouldn't call back into the source app (in this case browser) where the callback is triggered for the web custom format. The malicious site wouldn't be able to know where the user pasted the content as the callback wouldn't be triggered in this case. Am I misunderstanding the issue?

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/editing/issues/439#issuecomment-1718948585
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/editing/issues/439/1718948585@github.com>

Received on Thursday, 14 September 2023 07:56:34 UTC