[w3c/clipboard-apis] Add privacy considerations for the clipboardchange event (Issue #230)

The Asynchronous Clipboard API allows reading the clipboard (including copied passwords) at any time by default, but the privacy considerations for it suggest that UAs might restrict it to after a user gesture. If a page is trying to steal data, it has to guess when that data's likely to be on the clipboard. It can poll, but polling is potentially suspicious, and a UA might alert the user or take other countermeasures.

[`clipboardchange`](https://www.w3.org/TR/clipboard-apis/#clipboard-event-clipboardchange) changes the behavior to allow the page to trivially track the entire history of the clipboard. This should be called out in the privacy considerations, and the WG should describe any potential mitigations there, since the first current mitigation in that section doesn't apply to this new event.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/clipboard-apis/issues/230

Received on Wednesday, 27 November 2024 18:04:02 UTC